@safe and null dereferencing

Moritz Maxeiner via Digitalmars-d digitalmars-d at puremagic.com
Thu Jul 27 14:32:12 PDT 2017


On Thursday, 27 July 2017 at 20:48:51 UTC, H. S. Teoh wrote:
> On Thu, Jul 27, 2017 at 07:50:52PM +0000, Moritz Maxeiner via 
> Digitalmars-d wrote:
>> On Thursday, 27 July 2017 at 18:46:16 UTC, Jonathan M Davis 
>> wrote:
> [...]
>> > I see no problem whatsoever requiring that the platform 
>> > segfaults when you dereference null. Anything even vaguely 
>> > modern will do that. Adding extra null checks is therefore 
>> > redundant and complicates the compiler for no gain 
>> > whatsoever.
>> 
>> Except that when someone gets (root) access to any modern 
>> Linux servers running D services he now has an easy way to 
>> create a denial of service attack the owner of the server 
>> won't easily be able to find the cause of, because pretty much 
>> everything *looks* right, except that somehow the D services 
>> hang.
>
> If someone malicious has root access to your server, you 
> already have much bigger things to worry about than D services 
> hanging. :-D

That depends on how valuable you are as a target, how hard it was 
to gain root access, and what the attacker's intentions are.
If you are a high value target for which root access was hard to 
get, the attacker is unlikely to risk detection by doing things 
that someone (or an IDS) will categorize as an attack; the 
attacker is much more likely to try and subvert the system 
without being detected; see for example how Stuxnet was used to 
slowly damage centrifuge machines.

