Re: nested functions
- From: Karsten Nyblad <148f3wg02@xxxxxxxxxxxxxx>
- Date: 8 Sep 2006 00:25:18 -0400
Tommy Thorn wrote:
Trampolines may in fact be the best choice if you expect most
functions passed by argument to *not* have a local environment (such
as global "outer" functions). The obvious alternative is to pass a
pointer to a structure which includes the local environment [pointer]
as well as a pointer to the function. This is better if the opposite
is true.
Before choosing trampolines you also need to consider security, e.g., if
you want to implement web services, trampolines may be unacceptable.
Trampolines in the GCC implementation are implemented by generating code
at runtime and locating it on the stack. This means that the program
must execute from user writable store.
One of the most dangerous forms of hacking attack are when the buffer
overrun attacks, were the hacker sends code to the web service under
attack and fools the service into executing it. The code is stored in
and executed from user writable store. Modern hardware including modern
x86 hardware can check that code is fetched from store marked for
storing code. Of course the operating systems (including newer versions
of Linux and Windows) by default does not allow executing code stored in
user writable areas.
You will have to disable such hardware checks if you want to use GCCs
trampolines, but that is unacceptable for security reasons.
Karsten Nyblad
.
- References:
- Re: nested functions
- From: Marco van de Voort
- Re: nested functions
- From: Tommy Thorn
- Re: nested functions
- Prev by Date: Re: nested functions
- Next by Date: Re: Compiler books
- Previous by thread: Re: nested functions
- Next by thread: Re: nested functions
- Index(es):
Relevant Pages
|
