From: John Ames
Newsgroups: comp.os.linux.misc
Subject: Re: VMS
Date: Mon, 21 Jul 2025 13:31:48 -0700

On Mon, 21 Jul 2025 20:47:23 +0100
Richard Kettlewell wrote:

> In real life a buffer overrun is not the only outcome to be avoided.
> If you need 20 bytes and you’ve only got 10, _something_ is going to
> go wrong. A bounds check will avoid the outcome being a buffer
> overrun, but you’re still going to have to report an error, or exit
> the program, or some other undesired behaviour, when what you
> actually wanted was the full 20-byte result. That’s what a
> conservative bound helps you with.

Sure - there's nothing wrong with "reserve a bit more than you think
you'll need" in and of itself. But what's been at issue from the start
of this branch discussion is specifically the practice (as was being
advocated) of doing this *as a safeguard* against buffer overruns - a
problem that it does not actually *solve,* just forestalls long enough
for some buggy solution to get embedded and only discovered 20 yrs.
later at some Godforsaken field installation deep in the Pottsylvanian
hinterlands* rather than being caught during development/testing or in
some early deployment.

* (At which point, the field-service tech having finally arrived back
  at the office with a pack of hyenas and the curse of Baba Yaga on
  his/her heels, every other install in the world will abruptly start
  breaking.)
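
The point argued in the post above, as an added C example that is not part of the original post or thread: a padded buffer hides a wrong size estimate on test-bench input, while a bounds check reports it on any input. The record format, the sizes and the site names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ESTIMATE 10              /* what the developer thought was needed */
#define PADDED   (ESTIMATE * 2)  /* "reserve a bit more" as a safeguard   */

/* Bytes needed for the formatted record, including the terminating NUL. */
static size_t record_need(const char *site, unsigned unit)
{
    int n = snprintf(NULL, 0, "%s/unit-%u", site, unit);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* 1 if an unchecked write (sprintf/strcpy) into cap bytes would overrun. */
static int unchecked_would_overrun(size_t cap, const char *site, unsigned unit)
{
    return record_need(site, unit) > cap;
}

/* Bounded formatter: returns 0 on success, -1 if the record does not fit.
 * On failure dst is left empty rather than holding a truncated record. */
static int format_record(char *dst, size_t cap, const char *site, unsigned unit)
{
    int n = snprintf(dst, cap, "%s/unit-%u", site, unit);
    if (n < 0 || (size_t)n >= cap) {
        if (cap > 0)
            dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed inputs: one typical of a test bench, one of a field site. */
    const char *sites[] = { "lab", "pottsylvania-hinterland" };
    char buf[PADDED];

    for (size_t i = 0; i < 2; i++) {
        int rc = format_record(buf, sizeof buf, sites[i], 7);
        printf("%-24s need=%2zu over_estimate=%d over_padded=%d checked=%s\n",
               sites[i], record_need(sites[i], 7),
               unchecked_would_overrun(ESTIMATE, sites[i], 7),
               unchecked_would_overrun(PADDED, sites[i], 7),
               rc == 0 ? buf : "ERROR");
    }
    return 0;
}
```

The "lab" record already needs 11 bytes against an estimate of 10, so the estimate was wrong from the start; the padding only keeps that from showing until the longer field-site name arrives.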