[Not really OT] Crowdstrike Analysis: It was a NULL pointer from the memory unsafe C++ language.
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Thu Jul 25 02:32:50 UTC 2024
On 25/07/2024 2:24 PM, Richard (Rikki) Andrew Cattermole wrote:
> On 25/07/2024 12:12 PM, Walter Bright wrote:
>> I talked with a person who has more in depth knowledge about it.
>>
>> The null pointer came from reading a file and treating it as a data
>> structure. The file was unexpectedly full of zeros.
>>
>> Any language that allows casting a buffer read from the disk to a
>> pointer would fail. This includes any language with unsafe blocks, or
>> uses a FFI to get around the language protections.
>
> You have almost got it.
>
> It is not any language with that capability, it is any language with
> that capability that does not force you to check for null before the
> dereference.
Note: you do not need to leave safety to have this exact situation to occur.
```d
void func(int* ptr) @safe {
int v = *ptr; // BOOM!
}
```
The problem isn't going into unsafe code, its that you made an
assumption that either is the reality, or is never correct and is
guaranteed to error out.
More information about the Digitalmars-d
mailing list