Kernel buffer overflow exposes iPhone 11 Pro to radio based attacks

[IGotD-]

On Thursday, 3 December 2020 at 01:36:15 UTC, TheGag96 wrote:
>
> How many times is this going to happen before people realize 
> it's almost immoral to even continue writing things in C++? I 
> saw a tweet a few days ago where someone pointed out rightly 
> that C++ is not the future because of its memory unsafety, and 
> there were some people trying to tell him he was wrong or being 
> too harsh or that it's just cool to come up with reasons to 
> hate C++ these days. Who would have thought he could be 
> vindicated mere days later.

Kernel programming is not the same as application programming. In 
kernel programming you do so many tricks and quirks that you must 
operate outside what is considered safe by language designers. 
Sure bounds checking helps as well as getting rid of those stupid 
zero terminated strings but a kernel written in a 100% safe 
language is just fantasy.

Take a look at the Linux page structure (struct page).

https://elixir.bootlin.com/linux/latest/source/include/linux/mm_types.h

It's a structure full of unions, then also we have pointers to 
other structures some forming a linked list. There is no way you 
can program this with safe code and the structure requires this 
because size of this structure is of high importance.

Safe kernel programming just forget it. It's just that C has a 
bit too few features that can help reducing bugs.