2

I'm a fairly new user of this site but I have been using other Stack Exchange sites for quite some time. Yesterday, I've answered a question that looked (and still looks) fine to me. However, it was closed as off-topic several hours after I've answered. I'm generally trying to be careful to only answer good questions so I would like to understand what was wrong about this one.

Re-reading the “on-topic” page, I couldn't identify any obvious problem. As far as I can tell, the question was about a common confusion about integer overflow in C and C++ which can be a vector of attack. The only thing I can think of is that it might be too programming-specific. But then again, it is a conceptual question and not asking for advice in writing or debugging code. I've seen plenty of questions regarding PHP or Java Script code. Are the rules for C different? There even is a C and C++ tag (which were applied to the question in question) so I assume those technologies are not off-topic per se.

So, what is wrong with this question?

1
  • // , It looks like he's asking about the security implications of an otherwise unrelated programming language language construct. Commented May 4, 2018 at 22:07

2 Answers 2

4

The OP was asking about the internals of a programming language. I think the question was close-voted because the way integers are stored and overflow is not primarily a security topic, although it can have security implications. In its current form, that question could have been answered correctly by a C programmer without any knowledge of security concepts.

But instead of closing the question it would have probably been better to amend it with something like "And is this an effective security measure?".

You could edit the question to emphasize the security aspect of it and ask for a reopen.

2
  • Alright, thank you. I went ahead and edited the question as you've suggested. I don't have privileges to cast a vote for re-opening, though. But IIRC, if the edit gets approved, the question will be added to the re-opening queue automatically anyway.
    – 5gon12eder
    Commented Feb 22, 2017 at 3:02
  • 1
    @5gon12eder Great, your edit was approved and I nominated the question for reopen.
    – Arminius
    Commented Feb 22, 2017 at 3:27
4

I agree, that question really is on-topic.
Programming-specific is never a problem, as long as it is primarily about security - the overwhelming majority of security-related issues are currently programming specific.

It might be that it was closed because the original version of the question was a bit confused, and enforced assumptions that are wrong. The updated version of the question ("does it") is much better, definitely on topic.

Reopened.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .