RFC: Change what assert does on error
Adam Wilson
flyboynw at gmail.com
Thu Jul 3 08:37:40 UTC 2025
On Thursday, 3 July 2025 at 08:25:42 UTC, Richard (Rikki) Andrew
Cattermole wrote:
> A couple of us have gone and asked both Gemini and Grok what
> they think of this: "Are there any currently known malware or
> attacks that use stack unwinding as an attack vector?"
>
> Gemini unsurprisingly gave the best answer.
>
> It is based upon the paper "Let Me Unwind That For You:
> Exceptions to
> Backward-Edge Protection":
> https://www.ndss-symposium.org/wp-content/uploads/2023/02/ndss2023_s295_paper.pdf
>
I want to state for the record, that what Rikki is saying here is
that because Walter's proffered example attack would work on
*any* stack unwinding mechanism, then the correct solution to
Walter's proposed attack is to remove *ALL* stack unwinding from
the language.
Which I will assert is a terminally bad idea.
Therefore, since there is no functional difference in threats
between Errors and Exceptions, then Error should offer the same
unwinding facilities as well.
More information about the Digitalmars-d
mailing list