[Not really OT] Crowdstrike Analysis: It was a NULL pointer from the memory unsafe C++ language.
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Sat Jul 27 09:30:02 UTC 2024
On 27/07/2024 1:12 PM, Walter Bright wrote:
> The real issue with null pointer seg faults is the screen dump of
> mysterious numbers and letters.

No. This isn't a problem at all.

What is a problem is the loss of money.

When you crash you take out many users' interactions with your system. If
somebody is mid-way through buying something that gives them a chance to
decide not to.

It is effectively a Denial of Service (DoS) attack that can occur with
the press of the F5 key. It can take out your entire multi-server money
source without any defense.

In a lot of cases you do not own the thread, or the process. You can't
just set the signal handler and do it at runtime. Audio plugins, game
engines, interop with an application VM, kernel drivers, web services,
COM (Office suite plugins, Windows services, explorer extensions).

All of these are where D makes its money. It is where the foundation
gets its donations from.

If you are using an application VM language, an exception is thrown and
you can handle it. It's solved. For a native language IFF you own the
process AND thread you can use signal handlers safely to throw an
exception (MOSTLY true, signals are very hairy and should be avoided if
at all possible).

There are two solutions for a native language that aren't just ignoring
it like we do today. Check it at CT and warn/error if you do not handle
null, or inject read barriers like we do for bounds checks to cause the
runtime exception.

Note: this is solved in C/C++ world. They have such analysis in their
compilers: analyzer-null-dereference
https://gcc.gnu.org/onlinedocs/gcc-10.1.0/gcc/Static-Analyzer-Options.html

It only takes one major outage where a business loses money before they
consider dumping a D company's solution. No client wants to hear: "We
did this in a known unsafe language for this particular error, when a
more mainstream language has solutions to it and D doesn't."
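
Added example, not part of the original post and not code from the D project: a C++ sketch of the second option the message names, a check placed before the read (as a bounds check guards an index) that raises a catchable exception, so one request with a null pointer is rejected while the rest of the process keeps serving. The names `Cart`, `Request`, `checked`, `handle` and `serve_all` are hypothetical, and the sample batch is constructed.

```cpp
// Added example: explicit null "read barrier" instead of a process-wide fault.
#include <stdexcept>
#include <string>
#include <vector>

// Constructed types: a session whose cart pointer may be null.
struct Cart { int total_cents; };
struct Request { std::string session; const Cart* cart; };

struct NullDereference : std::runtime_error {
    using std::runtime_error::runtime_error;
};

// The barrier: test the pointer before the read and throw instead of faulting.
template <typename T>
const T& checked(const T* p, const char* where) {
    if (p == nullptr) throw NullDereference(std::string("null dereference in ") + where);
    return *p;
}

// Without the barrier, `r.cart->total_cents` on a null cart would fault and
// take down every request that shares the process.
int handle(const Request& r) {
    return checked(r.cart, "handle").total_cents;
}

struct Outcome { int served = 0; int rejected = 0; int revenue_cents = 0; };

// Host loop: a failing request is counted and skipped, the others are served.
Outcome serve_all(const std::vector<Request>& batch) {
    Outcome out;
    for (const Request& r : batch) {
        try {
            out.revenue_cents += handle(r);
            ++out.served;
        } catch (const NullDereference&) {
            ++out.rejected;  // answer with an error instead of crashing
        }
    }
    return out;
}

// Constructed sample input: the middle request has no cart.
Outcome demo() {
    static const Cart a{1250}, b{300};
    return serve_all({{"s1", &a}, {"s2", nullptr}, {"s3", &b}});
}

int main() { Outcome o = demo(); return (o.served == 2 && o.rejected == 1) ? 0 : 1; }
```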