Thread overview | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
November 09, 2011 Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx |
November 09, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Kagamin | Am 09.11.2011, 22:34 Uhr, schrieb Kagamin <spam@here.lot>:
> http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx
Solution: upgrade all computers to 64-bit
|
November 09, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Kagamin | Kagamin:
> http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx
I'd like a runtime error when an integral overflows (unsigned numbers too, the C99 Standard is not a religion book for me), unless where asked otherwise.
Bye,
bearophile
|
November 09, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to bearophile | On 09-11-2011 23:49, bearophile wrote:
> Kagamin:
>
>> http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx
>
> I'd like a runtime error when an integral overflows (unsigned numbers too, the C99 Standard is not a religion book for me), unless where asked otherwise.
>
> Bye,
> bearophile
If anything, we should do it like C#: have checked/unchecked arithmetic blocks.
- Alex
|
November 10, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Marco Leise | Marco Leise Wrote:
> Am 09.11.2011, 22:34 Uhr, schrieb Kagamin <spam@here.lot>:
>
> > http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx
>
> Solution: upgrade all computers to 64-bit
In windows ULONG is used for reference count, which is still 32-bit on 64-bit system.
|
November 10, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Kagamin | > > Solution: upgrade all computers to 64-bit
>
> In windows ULONG is used for reference count, which is still 32-bit on 64-bit system.
Although 32-bit counter may prove to be inadequate for 64-bit address space.
|
November 10, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Kagamin | Am 10.11.2011, 05:21 Uhr, schrieb Kagamin <spam@here.lot>:
>> > Solution: upgrade all computers to 64-bit
>>
>> In windows ULONG is used for reference count, which is still 32-bit on 64-bit system.
>
> Although 32-bit counter may prove to be inadequate for 64-bit address space.
I was only half serious about that ;) Clearly they had a bug with their reference counter not decrementing in a certain situation.
|
November 10, 2011 Re: Integer overflow bug in windows | ||||
---|---|---|---|---|
| ||||
Posted in reply to Alex Rønne Petersen | Am 10.11.2011, 00:07 Uhr, schrieb Alex Rønne Petersen <xtzgzorex@gmail.com>:
> On 09-11-2011 23:49, bearophile wrote:
>> Kagamin:
>>
>>> http://blogs.technet.com/b/srd/archive/2011/11/08/assessing-the-exploitability-of-ms11-083.aspx
>>
>> I'd like a runtime error when an integral overflows (unsigned numbers too, the C99 Standard is not a religion book for me), unless where asked otherwise.
>>
>> Bye,
>> bearophile
>
> If anything, we should do it like C#: have checked/unchecked arithmetic blocks.
>
> - Alex
I know that the article was meant to start this discussion, but no checked arithmetic could have found this bug while debugging. And if it the check is kept even in release mode - which is untypical for asserts - the question is, if an exception or termination of the program would have been handled gracefully.
On the other hand I wouldn't mind checked arithmetic, especially since there are assembly instructions like JO. Could this also be used to execute a different branch when an overflow occurs? I mean: Would some code become faster and cleaner? I am so used to not having any checking that I cannot remember any such cases from the top of my head.
In any case blocks are the way to go, because the overflow flag is manipulated by too many instructions as to just write "if (overflow()) {...}" after a statement. I don't know if we always want an Exception as in C# though, if people find it useful for general code flow.
|
Copyright © 1999-2021 by the D Language Foundation