Re: programs that run but produce the wrong result don't really fall under the "security" heading
> My view is that a bug that can reproducibly crash your machine is as much of a security issue as a bug that silently fails to check credentials correctly and that it's a category error to suggest they're inherently different things and therefore the "security" label shouldn't be applied to one and not the other.
TBH, it depends.
If you have code that
- accepts the overflow
- acts on the untrusted data
- crashes
Then you're no better off - except in that it's a little more detectable in certain circumstances (you'll log that it crashed, or a user will report that it crashed)
If you have code with a stack canary that
- accepts the overflow
- Tries to act on the untrusted data and crashes
Then you're much better off than it being silently affected - although the underlying issue is there, you've made it harder to use it maliciously (you should, of course, still fix it).
Finally, if your code
- Accepts it
- Acts on it
- Carries on its merry way
Then you've got the worst of both - you lack the detection vector provided by crashing out *and* would have acted on the untrusted input.
All are vulnerable, two are more easily exploitable, but only one can more easily happen again, and again, unnoticed.
> that it's a category error to suggest they're inherently different things and therefore the "security" label shouldn't be applied to one and not the other.
100% agree - the security label should apply to all of the above. It's a security vulnerability and needs to be addressed - the stack canary is a mitigation, not a fix.
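As an added illustration of the three cases above (example code written for this reply, not taken from the original post), assuming a hypothetical frame layout with a fixed canary word directly after the buffer, a "state" value the program later acts on, and constructed sample inputs:

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN      16
#define CANARY_VALUE 0x5a5a5a5aa5a5a5a5ULL /* assumed guard word (a real one is random) */
#define STATE_INIT   0x1000ULL             /* assumed trusted value the program acts on */

/* Hypothetical frame: untrusted bytes land in buf, the canary sits directly after it,
 * and state is what the rest of the program later acts on (16+8+8 bytes, no padding). */
typedef struct { unsigned char buf[BUF_LEN]; uint64_t canary; uint64_t state; } frame_t;
typedef enum { GUARD_BOUNDS_CHECK, GUARD_CANARY, GUARD_NONE } guard_mode;
typedef enum { OUT_REJECTED, OUT_DETECTED, OUT_OK } outcome_t;

/* Copies len untrusted bytes into a frame under one guard mode; on OUT_OK, *state_out
 * is the value the program goes on to act on. */
outcome_t process_input(const unsigned char *in, size_t len, guard_mode mode,
                        uint64_t *state_out) {
    frame_t f = { {0}, CANARY_VALUE, STATE_INIT };
    if (mode == GUARD_BOUNDS_CHECK && len > BUF_LEN)
        return OUT_REJECTED;               /* the fix: never accept the overflow at all */
    if (len > sizeof f)
        len = sizeof f;                    /* keeps the demo itself well-defined */
    memcpy((unsigned char *)&f, in, len);  /* an over-long copy runs over canary and state */
    if (mode == GUARD_CANARY && f.canary != CANARY_VALUE)
        return OUT_DETECTED;               /* a real canary check aborts here: noisy, but noticed */
    *state_out = f.state;                  /* GUARD_NONE: carries on with corrupted state */
    return OUT_OK;
}

/* The state the program ends up acting on, or 0 if processing stopped. */
uint64_t resulting_state(const unsigned char *in, size_t len, guard_mode mode) {
    uint64_t s = 0;
    return process_input(in, len, mode, &s) == OUT_OK ? s : 0;
}
/* Constructed sample inputs: one that fits and one 32-byte over-long input. */
static const unsigned char SHORT_INPUT[8] = "hello!!";
static const unsigned char LONG_INPUT[32] = {
    'A','A','A','A','A','A','A','A','A','A','A','A','A','A','A','A', /* fills buf exactly */
    0x41,0x41,0x41,0x41,0x41,0x41,0x41,0x41,                         /* lands on the canary */
    0x42,0x42,0x42,0x42,0x42,0x42,0x42,0x42 };                       /* lands on state */
int main(void) {
    static const char *names[] = { "rejected", "detected", "ok" };
    for (int m = GUARD_BOUNDS_CHECK; m <= GUARD_NONE; m++) {
        uint64_t s = 0;
        outcome_t o = process_input(LONG_INPUT, sizeof LONG_INPUT, (guard_mode)m, &s);
        printf("guard %d: %s, state=0x%llx\n", m, names[o], (unsigned long long)s);
    }
    return 0;
}
```

Only the third mode reports "ok" for the over-long input while acting on a state value the input chose, which is the silent case the post describes.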