[Not really OT] Crowdstrike Analysis: It was a NULL pointer from the memory unsafe C++ language.
H. S. Teoh
hsteoh at qfbox.info
Thu Jul 25 20:59:55 UTC 2024
On Fri, Jul 26, 2024 at 07:42:43AM +1200, Richard (Rikki) Andrew Cattermole via Digitalmars-d wrote:
> On 26/07/2024 7:30 AM, H. S. Teoh wrote:
> > On Fri, Jul 26, 2024 at 07:07:44AM +1200, Richard (Rikki) Andrew Cattermole via Digitalmars-d wrote:
[...]
> > > I can however solve forcing a D user to check for nullability, and
> > > if that is the best that we can do, then that's all we can do.
> >
> > Null checking doesn't solve this particular problem, though. We
> > just got lucky that the file contained zeroes. If the file had
> > contained non-zeroes that weren't what the code was expecting,
> > treating that as a pointer may have lead to even more disastrous
> > consequences. A null check won't save you then. (I've actually
> > seen this before, in case you think this is theoretical.)
[...]
> I don't think that this is a theoretical problem at all. I considered
> this ages ago.
How does null prevention solve the case of garbage data read from file
being cast into a pointer? A null check won't save you from that.
> For D we've solved all the non-null pointer safety issues with
> ``@safe`` that we can solve.
>
> The only thing left is nullability which would have protected against
> the symptom and therefore prevented the outage.
Only in this particular instance. It wouldn't have prevented anything
had the file contained unexpected data other than zeroes.
T
--
A linguistics professor was lecturing to his class one day.
"In English," he said, "A double negative forms a positive. In some
languages, though, such as Russian, a double negative is still a
negative. However, there is no language wherein a double positive can
form a negative."
A voice from the back of the room piped up, "Yeah, yeah."
More information about the Digitalmars-d
mailing list