How does D improve design practices over C++?
Walter Bright
newshound1 at digitalmars.com
Wed Oct 29 17:29:34 PDT 2008
Brad Roberts wrote:
> On Wed, 29 Oct 2008, Walter Bright wrote:
>> Null pointer dereferencing, for example, is a program bug but is not a safety
>> issue because it cannot cause memory corruption.
>
> Actually, that's not true. Dereferencing null _can_ corrupt memory. As
> you well know, ptr[index] is just ptr + index. Use a large and accurate
> enough index and you're out of that first page of memory and back into
> application memory space. Find the address of a key stack variable and
> you've got room for all sorts of fun and mayhem.
True, but technically that is not a null pointer dereference. There are
also ways to deal with it. One is to disallow fixed offsets exceeding
the protected null space (Java prohibits objects > 64Kb in size for this
reason). Next is to disallow pointer arithmetic (which is what SafeD
proposes).
> These sorts of bugs in popular enough applications are the things that
> end up costing companies lots of money to emergency fix. One of the
> few recent flash exploits was exactly this type of bug.
You're right, and SafeD should make such exploits impossible.
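The two mitigations named in this exchange (cap fixed offsets so a null-based access can never leave the unmapped region at address 0, and replace raw pointer arithmetic with a bounds-checked index) can be written down as checks. The C below is an added illustration, not code from the thread or from the D project; the 64 KiB guard size is a constructed parameter taken from the Java figure quoted above, and `null_offset_traps`, `type_null_safe` and `checked_index` are hypothetical names.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed size of the unmapped guard region starting at address 0.
 * The real value is platform dependent; 64 KiB is the Java object-size
 * cap mentioned in the thread and is used here as a constructed figure. */
#define NULL_GUARD_BYTES ((size_t)64 * 1024)

/* Rule 1, fixed offsets: base->field compiles to base + off. With a null
 * base the access is a guaranteed trap only if every byte it touches lies
 * inside [0, NULL_GUARD_BYTES). Otherwise it lands in application memory. */
bool null_offset_traps(size_t off, size_t len)
{
    if (len == 0 || off >= NULL_GUARD_BYTES)
        return false;
    /* Written as a subtraction so off + len cannot overflow. */
    return len <= NULL_GUARD_BYTES - off;
}

/* Rule 1 applied per type: every field of an object of `size` bytes stays
 * inside the guard region iff size <= NULL_GUARD_BYTES. This is the
 * Java-style "no objects larger than the guard" restriction. */
bool type_null_safe(size_t size)
{
    return size != 0 && size <= NULL_GUARD_BYTES;
}

/* Rule 2, indexing: ptr[index] is ptr + index * elem, so a large index
 * walks straight out of the guard page. Checking the index against the
 * array's real length (what a D slice does) and rejecting a null base
 * removes that path. Returns true and sets *out on an accepted access. */
bool checked_index(const void *base, size_t length, size_t elem,
                   size_t index, const void **out)
{
    if (base == NULL || index >= length)
        return false;
    *out = (const char *)base + index * elem;
    return true;
}

int main(void)
{
    int table[4] = {10, 20, 30, 40};      /* constructed sample array */
    const void *p;

    printf("null->field at offset 8:      %s\n",
           null_offset_traps(8, 4) ? "traps" : "reaches app memory");
    printf("null->field at offset 1 MiB:  %s\n",
           null_offset_traps((size_t)1 << 20, 4) ? "traps" : "reaches app memory");
    printf("type of 70000 bytes null-safe: %s\n",
           type_null_safe(70000) ? "yes" : "no");
    printf("table[3]:     %s\n",
           checked_index(table, 4, sizeof(int), 3, &p) ? "accepted" : "rejected");
    printf("table[4]:     %s\n",
           checked_index(table, 4, sizeof(int), 4, &p) ? "accepted" : "rejected");
    printf("null[100000]: %s\n",
           checked_index(NULL, 4, sizeof(int), 100000, &p) ? "accepted" : "rejected");
    return 0;
}
```

`null_offset_traps` is the property a compiler or runtime would want for every field access it emits; `checked_index` is the property a bounds-checked slice gives for free, which is why forbidding raw pointer arithmetic in the safe subset closes the case Brad describes.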