On Fri, 18 Jul 2008 09:01:09 -0400 "Brett McCoy" <[EMAIL PROTECTED]> wrote:
> A bug was found in some C++ code recently, in my company. This code is
> used on server software for when we have MX lookups for sending mail.
> It was found by a customer (*yikes*) after they had applied a Sun
> recommended patched cluster on their Solaris server:
> The solution, as I found in the documentation from Sun, was to
> allocate memory and then fill the memory with 0s, using malloc() +
> bzero(), or even better, using calloc() (bzero() is a deprecated
> system call on Solaris). calloc(), of course, will zero out the
> memory, since it's normally used to create arrays, but we create an
> array of one element. We were lucky this had been working all along!

Yes, I'm quite amazed by Sun. They engineer their hardware to incredible efficiency but then go and put BIND/Sendmail in their default installs. This is totally crazy as sendmail and bind are perhaps the most buggy internet daemons that I know of. Their OS is great, but their choice of default daemons probably stems from their three versions of backward compatible statements (I know this is related only to binaries but I think their customers don't like change).

In the four years that I worked at a registrar my implementation of djbdns didn't once have to be upgraded or patched - perhaps a leaf or two should be taken from djb's secure programming by Vixie.
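The fix described in the quoted message, as an added example that is not part of the original thread or the poster's code. `struct lookup_state` and `lookup_init()` are hypothetical stand-ins, and the "dirty" block is filled explicitly to model recycled heap memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical state block, standing in for the structure the quoted post allocates. */
struct lookup_state {
    int   initialized;   /* nonzero: library treats the state as already set up */
    int   nservers;
    char *servers[4];
};

/* Hypothetical library call that, like many C APIs, assumes the caller passed
 * zeroed memory. Returns 0 on a fresh init, -1 if the block looks in use. */
static int lookup_init(struct lookup_state *st) {
    if (st->initialized)
        return -1;       /* stale flag; a real library might go on to free servers[] */
    st->nservers = 0;
    st->initialized = 1;
    return 0;
}

/* Reading truly uninitialized malloc() memory is undefined behaviour, so the
 * recycled-heap case is modelled by filling the block with a nonzero pattern. */
int init_with_dirty_alloc(void) {
    struct lookup_state *st = malloc(sizeof *st);
    if (st == NULL) return -2;
    memset(st, 0xA5, sizeof *st);
    int rc = lookup_init(st);
    free(st);
    return rc;
}

/* The fix from the post: calloc() of a one-element array returns zeroed bytes
 * (all-bits-zero is a null pointer on mainstream platforms; ISO C does not promise it). */
int init_with_calloc(void) {
    struct lookup_state *st = calloc(1, sizeof *st);
    if (st == NULL) return -2;
    int rc = lookup_init(st);
    free(st);
    return rc;
}

int main(void) {
    printf("dirty malloc: %d\n", init_with_dirty_alloc());
    printf("calloc:       %d\n", init_with_calloc());
    return 0;
}
```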
