Re: How to develop a random number generation device



Nobody nobody@xxxxxxxxxxx posted to sci.electronics.design:

On Fri, 14 Sep 2007 11:47:32 -0700, John Larkin wrote:

Nothing the OS does can prevent machine code from
overrunning a buffer.

Absolute nonsense. Perhaps buffer overruns can't be
prevented using C++, but they *can* be prevented.

Not by the *OS*.

Sure it can. Not in Windows and not with C++, perhaps. An OS
can surely make it impossible to write safe code and a real OS is
required to make safe code possible.

That doesn't address the issue, which was whether the OS can
prevent buffer overruns.

It can't prevent them, but it could and should trap them and abort
the offending task, with no possibility of subsequent damage.

Under a decent OS, bad code should only hurt itself.

I don't think you understand what a buffer overrun is. FWIW, it
isn't related to process isolation (preventing one process from
trashing another process' memory). That's a non-issue with modern
OSes and modern CPUs (for x86, that means 80286 and later).

A buffer overrun is where a process trashes its own memory. The
memory which is written is supposed to be written by that process,
but the wrong part of the program writes the wrong data to it (e.g.
writing a portion of a string to memory which is supposed to hold an
integer or pointer).

The reason why the OS cannot do anything about this is because it
lacks the detailed knowledge regarding which portions of memory are
used for what purpose. That information is normally discarded during
compilation (unless you compile with debug information). By the time
you get to running a binary executable, you're at a level of "code
writes data", with no details about which parts of memory belong to
specific variables.

I went and checked the Wikipedia definition; it is basically correct.
The links to extended explanatory data seem to be good as well. Your
explanation does not match.

Use your own salt.

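As an added illustration (this is not code from the thread or from any of its posters), the following C program shows concretely what the "process trashes its own memory" description means. A record holds a fixed-size name field followed directly by an integer; an unchecked string copy into the name field keeps writing past it and lands on the integer, all inside memory the process legitimately owns, so no page protection or process isolation is involved. The bounds-checked variant beside it shows the only place the size is actually known: the source code. The struct layout, field names and the sample strings are constructed for this demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* Constructed layout: the name buffer is followed immediately by an
 * integer.  The OS sees a single writable page; the boundary between
 * name and balance exists only in this source file. */
struct record {
    char    name[8];    /* meant to hold at most 7 characters plus NUL */
    int32_t balance;    /* meant to be changed only on purpose */
};

#define INITIAL_BALANCE 100

/* Constructed sample inputs. LONG_NAME is 11 characters + NUL = 12 bytes,
 * exactly the size of the record, so every byte written stays inside
 * the record object (writing past the object would leave the program's
 * own data and, eventually, its own pages - the point at which the OS
 * finally notices something). */
static const char SHORT_NAME[] = "ann";
static const char LONG_NAME[]  = "abcdefghijk";

/* Unchecked copy in the style of the bug the thread describes: copy until
 * the source's NUL, never asking how big the destination is.  The copy is
 * addressed as raw bytes of the record so the demonstration stays
 * well-defined while still showing where the surplus bytes land. */
int32_t store_name_unchecked(struct record *r, const char *src)
{
    unsigned char *dst = (unsigned char *)r + offsetof(struct record, name);
    size_t i = 0;
    do {
        dst[i] = (unsigned char)src[i];   /* no bound: walks past name[] */
    } while (src[i++] != '\0');
    return r->balance;
}

/* Bounds-checked copy: the check needs sizeof r->name, information that
 * exists only here in the source and not in the running binary, which is
 * why the OS cannot perform it on the program's behalf.
 * Returns 0 on success, -1 if src does not fit (including its NUL). */
int store_name_checked(struct record *r, const char *src)
{
    size_t len = strlen(src);
    if (len >= sizeof r->name)
        return -1;
    memcpy(r->name, src, len + 1);
    return 0;
}

/* Balance left behind after an unchecked store of src into a fresh record.
 * Any difference from INITIAL_BALANCE was caused by the name copy. */
int32_t balance_after_unchecked(const char *src)
{
    struct record r;
    memset(&r, 0, sizeof r);
    r.balance = INITIAL_BALANCE;
    return store_name_unchecked(&r, src);
}

/* Same experiment with the checked store: returns its status and reports
 * the balance, which must be untouched either way. */
int balance_after_checked(const char *src, int32_t *balance_out)
{
    struct record r;
    memset(&r, 0, sizeof r);
    r.balance = INITIAL_BALANCE;
    int rc = store_name_checked(&r, src);
    *balance_out = r.balance;
    return rc;
}

/* The integer that four given bytes spell out on this machine, computed
 * portably so the result does not depend on endianness assumptions. */
int32_t bytes_as_int32(const char *four_bytes)
{
    int32_t v;
    memcpy(&v, four_bytes, sizeof v);
    return v;
}

int main(void)
{
    int32_t b;
    printf("unchecked, short name : balance = %d\n",
           (int)balance_after_unchecked(SHORT_NAME));
    printf("unchecked, long name  : balance = %d (bytes \"ijk\\0\" landed on it)\n",
           (int)balance_after_unchecked(LONG_NAME));
    printf("checked,   long name  : rc = %d, balance = %d\n",
           balance_after_checked(LONG_NAME, &b), (int)b);
    return 0;
}
```

The unchecked store with the long name overwrites `balance` with the bytes `i`, `j`, `k`, `\0` of the name; nothing faulted, because every byte went to memory the process is allowed to write. The checked store refuses the same input and leaves `balance` at 100, and the size it compared against came from the declaration, not from anything the OS could supply at run time.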


