Emplace vs closures
John Colvin via Digitalmars-d
digitalmars-d at puremagic.com
Tue Sep 20 01:23:04 PDT 2016
On Tuesday, 20 September 2016 at 08:08:16 UTC, cym13 wrote:
> On Monday, 19 September 2016 at 14:22:16 UTC, Steven
> Schveighoffer wrote:
>> On 9/19/16 7:27 AM, Lodovico Giaretta wrote:
>>
>>> What I'd like to know: is this usage widespread? Should we
>>> forbid it for the sake of security?
>>
>> No. There is no security concern here. You are dereferencing a
>> null pointer, which is perfectly safe.
>>
>> -Steve
>
> I beg to defer,
You mean differ, right?
> null pointer dereference is certainly not safe in the general
> case. In many cases it leads to code execution or privilege
> escalation. See for example CVE-2008-568 [1] for an example in
> kernel space or CVE-2009-0385 [2] in user space.
>
> The idea is that you are really trying to call a function in a
> part of memory that is not mapped, but if you are able to map
> the zero page and control what function pointer is present
> there then it is exploitable. I'd like people to get away from
> the idea that null pointer dereference is safe, it's not. In
> most cases it's not exploitable but that's definitely not a
> safe spot.
>
> That being said I don't think it should be the burden of the
> library or language to deal with this for the reasons you
> exposed.
>
> [1] http://www.trapkit.de/advisories/TKADV2008-015.txt
> [2] http://www.trapkit.de/advisories/TKADV2009-004.txt
Interesting, hadn't seen this stuff before. There is also the
matter of large offsets taking you to accessible memory, such as
you might get with a null pointer to a very large struct.
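
The large-offset case from the last paragraph, as an added C example that is not part of the original thread: it checks whether a field access through a null base would still land in the unmapped low region, and uses an explicit null test where it would not. `GUARD_BYTES` (one 4096-byte page assumed unmapped), `struct big` and the function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: only the lowest 4096 bytes of the address space are
 * guaranteed to be unmapped on the target platform. */
#define GUARD_BYTES ((size_t)4096)

/* Constructed example type: a struct far larger than the guard region. */
struct big {
    uint32_t header;            /* offset 0: inside the guard region   */
    uint8_t  payload[1 << 20];  /* 1 MiB of data                       */
    uint32_t trailer;           /* offset > 1 MiB: far past the guard  */
};

/* Returns 1 if reading `len` bytes at `offset` from a null base pointer
 * stays entirely inside the guard region (so the access faults),
 * 0 if it could reach memory that may be mapped. */
static int null_access_traps(size_t offset, size_t len)
{
    return len <= GUARD_BYTES && offset <= GUARD_BYTES - len;
}

/* Checked accessor: the hardware fault cannot be relied on for this
 * field, so the null test is explicit. Returns 0 on success, -1 on null. */
static int read_trailer(const struct big *b, uint32_t *out)
{
    if (b == NULL)
        return -1;
    *out = b->trailer;
    return 0;
}

int main(void)
{
    uint32_t v = 0;
    printf("header  traps on null: %d\n",
           null_access_traps(offsetof(struct big, header), sizeof(uint32_t)));
    printf("trailer traps on null: %d\n",
           null_access_traps(offsetof(struct big, trailer), sizeof(uint32_t)));
    printf("read_trailer(NULL): %d\n", read_trailer(NULL, &v));
    return 0;
}
```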