[Not really OT] Crowdstrike Analysis: It was a NULL pointer from the memory unsafe C++ language.
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Thu Jul 25 19:42:43 UTC 2024
On 26/07/2024 7:30 AM, H. S. Teoh wrote:
> On Fri, Jul 26, 2024 at 07:07:44AM +1200, Richard (Rikki) Andrew Cattermole via Digitalmars-d wrote:
> [...]
>> I am already convinced that there was multiple failures went on.
>>
>> I was able to determine them just from the failures I was seeing on
>> Twitter a few hours in.
>>
>> But, I can't solve those.
>>
>> I can however solve forcing a D user to check for nullability, and if
>> that is the best that we can do, then that's all we can do.
>
> Null checking doesn't solve this particular problem, though. We just
> got lucky that the file contained zeroes. If the file had contained
> non-zeroes that weren't what the code was expecting, treating that as a
> pointer may have lead to even more disastrous consequences. A null
> check won't save you then. (I've actually seen this before, in case you
> think this is theoretical.)
>
>
> T
I don't think that this is a theoretical problem at all. I considered
this ages ago.
For D we've solved all the non-null pointer safety issues with ``@safe``
that we can solve.
The only thing left is nullability which would have protected against
the symptom and therefore prevented the outage.
More information about the Digitalmars-d
mailing list