GC implementation
Frank Benoit
frank at nix.de
Sat Mar 18 02:46:41 PST 2006
An attacker has as much time as needed. He will get all knowledge
neccessary and perhaps he can calculate such addresses without physical
access to the machine. But this is not the real problem. Random data in
integers and floating point values can also make problems.
I think, this is a really big security problem and makes reliable
programs impossible. If only knowledge or random data can cause memory
leaks, than this is a problem.
What about a program running out of memory after 3 days. Is it a program
bug, or because of randomly matching data values?
If the solution is to call delete manually, then the gc makes no sense
at all.
This is a show stopper, because everything is base on gc allocated
memory. You will only get a predictable behaviour with an precise (vs
conservative) GC.
Frank
More information about the Digitalmars-d
mailing list