Dailydave mailing list archives

Re: We have met the enemy, and the enemy is ... you.
From: "Michael Spath" <michael.spath () gmail com>
Date: Thu, 13 Apr 2006 20:40:41 +0200

On 4/12/06, jnf <jnf () nosec net> wrote:

> For instance on the x86 platform you have the bound and into
> instructions that determine if a pointer is still within bounds and
> if an int overflow has occurred respectively.

INTO would trigger an interrupt (which one depends on the OS) only
when the OF flag is set, which does not cover all integer overflows.
To handle all int overflows you also have to check the carry flag,
so a JO/JC pair looks like a much better solution to me.

> Surely it would impact performance to some degree, but at least
> in some arenas high security is valued over high performance.

For high security people can use the Ada language, which adds
by default run-time checks for boundaries and integer overflows
(and more).

regards,
--spath
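
An added example, not part of the original post: the OF/CF distinction made above, modelled in portable C for a 32-bit ADD. The names `add32`, `into_would_trap` and `jo_jc_would_branch` are hypothetical and the operands are constructed; the flags are computed the way x86 defines them for ADD rather than read from the CPU.

```c
#include <stdint.h>
#include <stdio.h>

/* Flags an x86 32-bit ADD would produce (modelled, not read from EFLAGS). */
struct add_flags { uint32_t result; int cf; int of; };

static struct add_flags add32(uint32_t a, uint32_t b)
{
    struct add_flags f;
    f.result = a + b;                /* wraps modulo 2^32 */
    f.cf = f.result < a;             /* CF: carry out of bit 31 (unsigned overflow) */
    /* OF: both operands have the same sign and the result's sign differs */
    f.of = (int)((~(a ^ b) & (a ^ f.result)) >> 31);
    return f;
}

/* INTO traps only when OF is set, i.e. on signed overflow. */
static int into_would_trap(uint32_t a, uint32_t b)
{
    return add32(a, b).of;
}

/* A JO/JC pair after the ADD branches on either kind of overflow. */
static int jo_jc_would_branch(uint32_t a, uint32_t b)
{
    struct add_flags f = add32(a, b);
    return f.of || f.cf;
}

int main(void)
{
    /* Constructed sample operands. */
    static const uint32_t cases[][2] = {
        { 0xFFFFFFF0u, 0x00000020u },  /* unsigned wrap only:   CF=1 OF=0 */
        { 0x7FFFFFFFu, 0x00000001u },  /* signed overflow only: CF=0 OF=1 */
        { 0x80000000u, 0x80000000u },  /* both:                 CF=1 OF=1 */
        { 0x00000010u, 0x00000020u },  /* neither:              CF=0 OF=0 */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint32_t a = cases[i][0], b = cases[i][1];
        struct add_flags f = add32(a, b);
        printf("%08x + %08x = %08x  CF=%d OF=%d  INTO=%d JO/JC=%d\n",
               (unsigned)a, (unsigned)b, (unsigned)f.result, f.cf, f.of,
               into_would_trap(a, b), jo_jc_would_branch(a, b));
    }
    return 0;
}
```

The first case is the one an INTO-only check misses: an unsigned length or offset calculation wraps to a small value while OF stays clear.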

