At 4:11 PM +0100 11/2/07, Johan Peeters wrote:

> Let me offer a little variant on the previous theme though to
> illustrate, hopefully more convincingly, why I find COBOL worrisome:
>
> ...
> 01 txt pic x(2).
> ....
> move 'hi' to txt
> call 'evil-code' using txt
> ....
>
> IDENTIFICATION DIVISION.
> PROGRAM-ID. evil-code.
> DATA DIVISION.
> linkage section.
> 01 asset PIC X(1200).
> procedure division using asset
> ....
>
> The author of evil-code now has a selection of the contents of the
> caller's data segment at his disposal.
Are you saying that evil-code is written in some language that allows it
to take advantage of by-reference semantics to go outside the nominal
boundaries of 2 bytes presumed by COBOL?

If so, this is hardly an issue specific to COBOL. Presuming evil-code can
play address arithmetic issues, any situation where the caller's address
space is visible to evil-code is similarly vulnerable. Clearly evil-code
should be in a separate address space to defend against such an attack.

-- Larry Kilgallen

_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________