Spec#, nullables and more

Bruno Medeiros brunodomedeiros+spam at com.gmail
Thu Nov 25 08:28:34 PST 2010


On 05/11/2010 18:52, Daniel Gibson wrote:
> Walter Bright schrieb:
>> bearophile wrote:
>>> Walter Bright:
>>>
>>>> The $10 billion mistake was C's conversion of arrays to pointers when
>>>> passing to a function.
>>>>
>>>> http://www.drdobbs.com/blog/archives/2009/12/cs_biggest_mist.html
>>>>
>>>> Sadly, there's an ongoing failure to recognize this, as it is never
>>>> addressed in any of the revisions to the C or C++ standards,
>>>
>>> I agree, that's a very bad problem, probably worse than null-related
>>> bugs.
>>
>> It's infinitely worse. Null pointers do not result in memory
>> corruption, buffer overflows, and security breaches.
>>
>
> Not entirely true: Null Pointer dereferences *have* been used for
> security breaches, see for example: http://lwn.net/Articles/342330/
> The problem is that one can mmap() to 0/NULL so it can be dereferenced
> without causing a crash.
>
> Of course this is also a problem of the OS, it shouldn't allow mmap()ing
> to NULL in the first place (it's now forbidden by default on Linux and
> FreeBSD afaik) - but some software (dosemu, wine) doesn't work without it.
>
> Cheers,
> - Daniel

I think Walter's point remains true: null pointer bugs are an order of 
magnitude less important, if not downright insignificant, with regards 
to security breaches.

I mean, from my understanding of that article, an NPE bug on its own is 
not enough to allow an exploit, but other bugs/exploits need to be 
present (in that particular case, a straight flush of them, it seems). 
On the other hand, buffer overflow bugs nearly always make possible an 
exploit, correct?

-- 
Bruno Medeiros - Software Engineer
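Added example, not part of the original post or of anything the thread's participants wrote: a small C program illustrating the array-to-pointer decay Walter describes and the "buffer overflow bugs nearly always make possible an exploit" contrast. The `slice` type, the `SLICE_OF` macro and the constructed record with an `is_admin` field adjacent to a short `name` buffer are all my own assumptions for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* What the caller declared as `char buf[64]` arrives here as a plain
 * char *: the length is gone, and sizeof reports the pointer size. */
size_t callee_sizeof(const char *buf) {
    return sizeof buf;          /* == sizeof(char *), never 64 */
}

/* The pattern the decay invites: the callee cannot check dst's capacity,
 * so a longer src overruns it (the classic overflow). Shown for contrast
 * only; it is never called with over-long input in this program. */
void copy_unbounded(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Hardened form: the length travels with the pointer. A slice is what a
 * language-level array gives you for free; in C you spell it out by hand.
 * (Assumed type, not from the thread.) */
typedef struct { char *ptr; size_t len; } slice;

/* Only valid on a true array in scope, where sizeof still knows the length.
 * Applying it to a pointer would silently yield sizeof(char *). */
#define SLICE_OF(arr) ((slice){ (arr), sizeof(arr) })

/* Copies src into dst, always NUL-terminating and never writing past
 * dst.len. Returns 0 on success, -1 if src does not fit (dst is emptied). */
int copy_bounded(slice dst, const char *src) {
    size_t n = strlen(src);
    if (dst.len == 0)
        return -1;
    if (n >= dst.len) {           /* need n + 1 bytes for the terminator */
        dst.ptr[0] = '\0';
        return -1;
    }
    memcpy(dst.ptr, src, n + 1);
    return 0;
}

/* Constructed scenario: a record whose privilege flag sits right after an
 * 8-byte name. An unbounded copy of an 11-character name would write into
 * is_admin; the bounded copy refuses instead. Returns 1 if the over-long
 * name was rejected and the adjacent field is untouched. */
int demo(void) {
    struct { char name[8]; int is_admin; } rec = { "", 0 };
    char input[] = "AAAAAAAAAAA";            /* constructed: 11 bytes + NUL > 8 */
    int rc = copy_bounded(SLICE_OF(rec.name), input);
    return rc == -1 && rec.is_admin == 0 && rec.name[0] == '\0';
}

int main(void) {
    char buf[64];
    printf("sizeof at call site: %zu, inside callee: %zu\n",
           sizeof buf, callee_sizeof(buf));
    printf("bounded copy protected the adjacent field: %s\n",
           demo() ? "yes" : "no");
    return 0;
}
```

The point to take from `callee_sizeof` is that no amount of checking inside the callee can recover a length the language already discarded at the call boundary; the length has to be passed explicitly, which is all `slice` does.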

