If you needed any more evidence that memory safety is the future...

H. S. Teoh via Digitalmars-d digitalmars-d at puremagic.com
Fri Feb 24 09:47:14 PST 2017


On Fri, Feb 24, 2017 at 06:59:16AM +0000, Jack Stouffer via Digitalmars-d wrote:
> https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
> 
> A buffer overflow bug caused heartbleed 2.0 for hundreds of thousands
> of sites. Here we are 57 years after ALGOL 60 which had bounds
> checking, and we're still dealing with bugs from C's massive mistake.

Walter was right that the biggest mistake of C was conflating pointers
and arrays.  That single decision, which seemed like a clever idea in a
day and age where saving a couple of bytes seemed so important (how
times have changed!), has cost the industry who knows how much as a
consequence.

More scarily yet, this particular pointer bug was obscured because it
occurred in *generated* code.  The language it was generated from
(Ragel) appears not to have any safety checks in this respect, but
"blindly" generated C code that simply followed whatever the source code
said.  As if pointer bugs aren't already too easy to inadvertently
write, now we have an additional layer of abstraction to make them even
less obvious to the programmer, who now has to mentally translate the
higher-level constructs into low-level pointer manipulations in order to
even realize something may have gone wrong.  Talk about leaky(!)
abstractions...


> This is something that valgrind could have easily picked up, but the
> devs just didn't use it for some reason. Runtime checking of this
> stuff is important, so please, don't disable safety checks with DMD if
> you're dealing with personal info.
[...]

The elephant in the room is that the recent craze surrounding the
"cloud" has conveniently collected large numbers of online services
under a small number of umbrellas, thereby greatly expanding the impact
of any bug that occurs in the umbrella.  Instead of a nasty bug that
impacts merely one or two domains, we now have a nasty bug that
singlehandedly affects 4 *million* domains.  Way to go, "cloud"
technology!


T

-- 
Spaghetti code may be tangly, but lasagna code is just cheesy.
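
The pointer/array conflation discussed in the message above, as an added example that is not part of the original thread: a C array that decays to a bare pointer loses its length, so the sketch below keeps pointer and length together and checks every access. The names `slice_t`, `SLICE_OF`, `slice_get`, `slice_sub` and `count_records`, and the length-prefixed record format, are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Pointer and length travel together; a bare `const uint8_t *` drops the length. */
typedef struct { const uint8_t *ptr; size_t len; } slice_t;

/* Capture the length while the array type is still known (before decay). */
#define SLICE_OF(arr) ((slice_t){ (arr), sizeof(arr) / sizeof((arr)[0]) })

/* Checked read of one element: 0 on success, -1 if idx is out of bounds. */
static int slice_get(slice_t s, size_t idx, uint8_t *out) {
    if (idx >= s.len) return -1;
    *out = s.ptr[idx];
    return 0;
}

/* Checked sub-range [off, off+n): written so the arithmetic cannot wrap. */
static int slice_sub(slice_t s, size_t off, size_t n, slice_t *out) {
    if (off > s.len || n > s.len - off) return -1;
    out->ptr = s.ptr + off;
    out->len = n;
    return 0;
}

/* Count records of the form [1-byte length][payload]. Returns -1 when a
   declared length would run past the end of the buffer. */
int count_records(slice_t buf) {
    int count = 0;
    size_t pos = 0;
    while (pos < buf.len) {
        uint8_t rec_len;
        slice_t payload;
        if (slice_get(buf, pos, &rec_len) != 0) return -1;
        if (slice_sub(buf, pos + 1, rec_len, &payload) != 0) return -1;
        pos += 1 + payload.len;
        count++;
    }
    return count;
}

int main(void) {
    /* Constructed sample inputs. */
    static const uint8_t ok[]  = {2, 'a', 'b', 1, 'c'};
    static const uint8_t bad[] = {2, 'a', 'b', 3, 'c'}; /* claims 3, has 1 */
    printf("ok=%d bad=%d\n", count_records(SLICE_OF(ok)), count_records(SLICE_OF(bad)));
    return 0;
}
```

The malformed input is rejected at the sub-range check instead of being read past the end of the buffer, which is the runtime bounds check the thread argues for.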

