Re: How to develop a random number generation device

On Sep 14, 8:52 pm, Nobody <nob...@xxxxxxxxxxx> wrote:
On Fri, 14 Sep 2007 11:47:32 -0700, John Larkin wrote:
Nothing the OS does can prevent machine code from overrunning a
buffer.

Absolute nonsense. Perhaps buffer overruns can't be prevented
using C++, but they *can* be prevented.

Not by the *OS*.

Sure it can. Not in Windows and not with C++, perhaps. An OS can
surely make it impossible to write safe code and a real OS is required
to make safe code possible.

That doesn't address the issue, which was whether the OS can prevent
buffer overruns.

I can't prevent them, but it could and should trap them and abort the
offending task, with no possibility of subsequent damage.

Under a decent OS, bad code should only hurt itself.

I don't think you understand what a buffer overrun is. FWIW, it isn't
related to process isolation (preventing one process from trashing another
process' memory). That's a non-issue with modern OSes and modern CPUs (for
x86, that means 80286 and later).

A buffer overrun is where a process trashes its own memory. The memory
which is written is supposed to be written by that process, but the wrong
part of the program writes the wrong data to it (e.g. writing a portion of
a string to memory which is supposed to hold an integer or pointer).

No a buffer overrun is over running the buffer. It doesn't matter
what is in the memory you've over run into.

The exploit that takes advantage of the buffer overrun, causes an
overrun onto the return address or some other data that shouldn't be
writable by this task.

If an application trashes its own variables via a buffer overrun, only
that application is hurt in the process. The is exactly what Mr.
Larkin said was the case and he is correct in that.



.

Relevant Pages

  • Re: How to develop a random number generation device
    ... related to process isolation (preventing one process from trashing another ... That's a non-issue with modern OSes and modern CPUs (for ... a string to memory which is supposed to hold an integer or pointer). ... whether or not a "buffer overrun" has occurred. ...
    (sci.electronics.design)
  • Re: c mex file problem -- incorrect results
    ... Sounds like a buffer overrun to me. ... the mex file stays resident in memory. ... Does it always give the correct answer the first time you launch Matlab ...
    (comp.soft-sys.matlab)
  • Re: malloc() causes an Access Violation when compiling with the /MT switch
    ... > x bytes and then writing exactly x bytes into the allocated memory... ... >>> it only happens with the non-debug builds of the CRT. ... Thus a buffer overrun of a few bytes may pass unnoticed. ...
    (microsoft.public.vc.language)
  • Re: More buffer overrun problems
    ... That's the galling thing about buffer overruns. ... "buffer overrun" message refers to memory buffers of course, ... iteration through the loop which caused the buffer overrun error. ... this isn't a VFP error I'm getting. ...
    (microsoft.public.fox.programmer.exchange)
  • Re: How to develop a random number generation device
    ... offending task, with no possibility of subsequent damage. ... related to process isolation (preventing one process from trashing another ... A buffer overrun is where a process trashes its own memory. ...
    (sci.electronics.design)
Loading