Re: Attention Windows Users
- From: "Peter Duniho" <NpOeStPeAdM@xxxxxxxxxxxxxxxx>
- Date: Sat, 31 Dec 2005 00:32:47 -0800
"Skywise" <into@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:11rc3usqpk6lsed@xxxxxxxxxxxxxxxxxxxxx
> [...]
> Anyway, in my programs, when I read in data, I couldn't see
> how there could be a buffer overflow. So I asked the question
> in the support group for XB.
Sounds to me as though you got an explanation oversimplified to the point of
incorrectness.
> In a nutshell it has to do with how the language allocates
> memory. C allows one to write beyond the allocated block of
> memory. A programmer would have to explicitly check that the
> data they are writing to memory will not exceed the length
> of the buffer.
>
> XB on the other hand allocates memory dynamically so it's
> not possible to overflow.
A "dynamic allocation" is one that occurs at run-time. Technically, all
allocations are thus "dynamic", except that what is really meant is that the
allocation size and location are not known until run-time. This is as
opposed to allocation of a variable on the stack, or a global variable.
But in any case, a buffer overflow can occur with either a dynamic or static
allocation. How the memory is allocated is irrelevant, except with respect
to the specific technique that's needed to exploit a buffer overrun (stack
overruns can be easier, since you can simply insert a new return address,
while heap overruns require a bit more finesse to get code to actually
execute, for example).
I can readily believe that in XBasic, you are protected from buffer
overruns, in that the interpreter is checking each and every array access
and ensuring that you stay within the bounds. But that's a separate issue
from how the memory is allocated.
> That's my limited understanding of it anyway. I may have
> missed some details, but the point is, in a language like C
> the programmer has to take specific measures to prevent the
> overflow whereas in XB it's not possible to begin with, so
> no worries.
Most likely (I have to say that, since I don't actually know anything about
XBasic specifically :) ) XBasic is simply behaving as Java or C# would (or
any number of other similar languages). That is, they keep track of memory
allocations and ensure that code isn't allowed to write outside of its
allotted locations.
> I mean, it is possible, but oyu'd have to do it
> on purpose. Memory is not normally directly accessable in XB.
Heh. I think I know what you are trying to say, but technically the phrase
"memory is not normally directly accessible in XB" is inaccurate. Every
single variable represents a means to access memory. Memory is where all of
those variables live, and every time you read or write to a variable, you
are accessing memory.
Pete
.
- Follow-Ups:
- Re: Attention Windows Users
- From: Skywise
- Re: Attention Windows Users
- References:
- OT: Attention Windows Users
- From: john smith
- Re: Attention Windows Users
- From: John Huthmaker
- Re: Attention Windows Users
- From: Larry Dighera
- Re: Attention Windows Users
- From: Peter Duniho
- Re: Attention Windows Users
- From: Skywise
- Re: Attention Windows Users
- From: Peter Duniho
- Re: Attention Windows Users
- From: Larry Dighera
- Re: Attention Windows Users
- From: Peter Duniho
- Re: Attention Windows Users
- From: Skywise
- OT: Attention Windows Users
- Prev by Date: Re: Angry [More Info]
- Next by Date: Re: Angry [More Info]
- Previous by thread: Re: Attention Windows Users
- Next by thread: Re: Attention Windows Users
- Index(es):
Relevant Pages
|
Loading
