mojoPortal tested for "buffer overflow"?

This is an open forum for any mojoPortal topics that don't fall into the other categories.

This thread is closed to new posts. You must sign in to post in the forums.

4/8/2010 8:59:30 AM

runeh

Total Posts 4

View Posts

mojoPortal tested for "buffer overflow"?

Hi Joe,

Has mojoPortal been tested for typical "buffer overflow" attacks?
I read you saying SQL Injection was a non-issue, and I tested for XSS with no vulnerabilities.
I'm asking because our customer are asking us to document that these typical security-issues are no issues.

Thanks,
Rune

4/8/2010 9:16:20 AM

Joe Audette

Total Posts 18439

View Posts

Re: mojoPortal tested for "buffer overflow"?

Hi Rune,

Buffer overflows are not a common problem in .NET applications in general, that is an issue that is very common in the C programming language because developers have to manage use of memory very carefully to prevent the possibility of buffer overflows.

In C# and in .NET in general the runtime manages memory and we do not have to deal directly with memory management from application code. I've never heard of buffer overflows in .NET applications in general unless they are also using some unmanaged code from non-.NET dlls.

I certainly don't see buffer overflows as a risk factor in using mojoPortal and have never encountered one in many years of development of mojoPortal.

Hope it helps,

Joe

4/8/2010 10:03:50 AM

runeh

Total Posts 4

View Posts

Re: mojoPortal tested for "buffer overflow"?

Thanks,

Thanks for a great responsetime.

You must sign in to post in the forums. This thread is closed to new posts.