Dailydave mailing list archives

Re: We have met the enemy, and the enemy is ... you.


From: "Michael Spath" <michael.spath () gmail com>
Date: Thu, 13 Apr 2006 20:40:41 +0200

On 4/12/06, jnf <jnf () nosec net> wrote:

For instance on the x86 platform you have the bound and into
instructions that determine if a pointer is still within bounds and
if an int overflow has occurred respectively.

INTO would trigger an interrupt (which one depends on the OS) only
when the OF flag is set, which does not cover all integer overflows.
To handle all int overflows you also have to check the carry flag,
so a JO/JC pair looks like a much better solution to me.

Surely it would impact performance to some degree, but at least
in some arenas high security is valued over high performance.

For high security people can use the Ada language, which adds
by default run-time checks for boundaries and integer overflows
(and more).

regards,
--spath
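
The OF/CF distinction discussed in this message, as an added example that is not part of the original post: it computes in portable C the carry and overflow flags a 32-bit x86 ADD would set, and compares an OF-only check (what INTO tests) with a check of both flags (a JO/JC pair). The names add32, into_style_check and jo_jc_check and the sample operands are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Flags a 32-bit x86 ADD would produce, computed portably. */
struct add_flags {
    uint32_t result;
    int cf;   /* carry out of bit 31: the unsigned result wrapped */
    int of;   /* signed overflow: operands share a sign the result lacks */
};

static struct add_flags add32(uint32_t a, uint32_t b)
{
    struct add_flags f;
    f.result = a + b;                 /* unsigned wrap modulo 2^32 is well defined */
    f.cf = f.result < a;
    f.of = (int)((~(a ^ b) & (a ^ f.result)) >> 31);
    return f;
}

/* A check modelled on INTO: fires on OF only. */
static int into_style_check(uint32_t a, uint32_t b)
{
    return add32(a, b).of;
}

/* A check modelled on a JO/JC pair: fires on either flag. */
static int jo_jc_check(uint32_t a, uint32_t b)
{
    struct add_flags f = add32(a, b);
    return f.of || f.cf;
}

int main(void)
{
    /* Constructed sample operands. */
    static const uint32_t cases[][2] = {
        {0x7FFFFFFFu, 1u}, {0xFFFFFFFFu, 1u},
        {0x80000000u, 0x80000000u}, {40u, 2u}
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct add_flags f = add32(cases[i][0], cases[i][1]);
        printf("%08X + %08X = %08X  CF=%d OF=%d  OF-only=%d  OF|CF=%d\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1], (unsigned)f.result,
               f.cf, f.of, into_style_check(cases[i][0], cases[i][1]),
               jo_jc_check(cases[i][0], cases[i][1]));
    }
    return 0;
}
```

Which flag signals an error depends on how the operands are interpreted: 0xFFFFFFFF + 1 sets CF only, which is a wrap for unsigned values but the ordinary sum -1 + 1 = 0 for signed ones.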

