[COFF] [TUHS] buffer overflow (Re: Happy birthday Morris worm
Peter Jeremy
peter at rulingia.com
Wed Nov 13 18:37:26 AEST 2019
On 2019-Nov-12 17:49:46 -0500, Arthur Krewat <krewat at kilonet.net> wrote:
>On 11/12/2019 5:41 PM, Robert Clausecker wrote:
>> Oh please no. One of the things we've hopefully all learned from Pascal
>> is that length-prefixed strings suck because you can't perform anything
>> useful without copying the entire string.

Keep in mind that C doesn't have a "string" type. The use of a NUL
terminated char array is purely convention. There's nothing to stop
someone using a length-prefixed array (though there's virtually no
standard library support for that).

>> Rob Pike and friends showed
>> how to get strings and vectors right in the Go language where you have a
>> builtin slice type which is essentially a structure
>>
>> struct slice(type) {
>> type *data;
>> size_t len, cap;
>> };

That approach would have incurred a 12-byte overhead for each string or
vector on a PDP-11 - that would have been a substantial disincentive on
a memory-constrained system.

>And none of that stops some programmer from doing slice.cap=255 - or is
>it read-only? ;)

Slices and strings are built-in types in Go. They can be modelled as the
above structure but that is an implementation detail. It is possible to
reduce the capacity of a slice (but not a string) but attempting to
increase it will result in a runtime exception ("panic" in Go speak).
--
Peter Jeremy
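
The slice capacity behaviour described in the message above, as an added Go example that is not part of the original post. The helper names (tryReslice, shrinkCap, appendIsolated) are hypothetical and the byte values are constructed samples.

```go
package main

import "fmt"

// tryReslice (hypothetical helper) attempts s[:n] and reports whether the
// runtime allowed it. Reslicing past cap(s) panics; recover turns that
// panic into ok == false instead of ending the program.
func tryReslice(s []byte, n int) (out []byte, ok bool) {
	defer func() {
		if r := recover(); r != nil {
			out, ok = nil, false
		}
	}()
	return s[:n], true
}

// shrinkCap returns a view of s whose length and capacity are both n,
// using the three-index slice expression s[low:high:max].
func shrinkCap(s []byte, n int) []byte {
	return s[:n:n]
}

// appendIsolated reports whether appending to a capacity-clamped view
// leaves the bytes that follow it in the original array untouched.
func appendIsolated() bool {
	buf := []byte("AAAABBBB") // constructed sample data, 8 bytes
	head := shrinkCap(buf, 4) // len 4, cap 4
	head = append(head, 'X')  // exceeds cap, so a new array is allocated
	return string(buf) == "AAAABBBB" && string(head) == "AAAAX"
}

func main() {
	buf := make([]byte, 4, 8)
	_, ok := tryReslice(buf, 8) // within capacity: length may grow up to cap
	fmt.Println("reslice up to cap:", ok)
	_, ok = tryReslice(buf, 9) // past capacity: runtime panic
	fmt.Println("reslice past cap:", ok)
	small := shrinkCap(buf, 2)
	_, ok = tryReslice(small, 4) // reduced capacity cannot be regained
	fmt.Println("regrow after shrink:", ok)
	fmt.Println("append left original intact:", appendIsolated())
}
```

The capacity field is not assignable from ordinary Go code; the only ways to change it are slice expressions (which can only lower it) and append (which allocates a new backing array when the capacity is exceeded).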