[Info-vax] A DCL wish list of sorts...
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Fri Mar 22 10:14:56 EDT 2019
On 2019-03-22, pcanagnostopoulos at gmail.com <pcanagnostopoulos at gmail.com> wrote:
> On Friday, March 22, 2019 at 9:26:23 AM UTC-4, Simon Clubley wrote:
>> I would call it undefined behaviour and undefined behaviour is subject
>> to change as compilers and languages evolve.
>
> This is why language designers now specify whether "it is undefined" or "it is an error" or "an exception is raised" when doing various things in the programming language. The Common Lisp reference manual is particularly good in this respect.
>
>> Are you able to share the tale ?
>>
>> I don't know how similar the V2.x compiler was to the V4.x compiler
>> but certainly in current versions there were other little issues I
>> found in addition to the vulnerability itself.
>
> Oh, did you work on the compiler? I wonder if the current one is mine. Perhaps I'm misremembering the version. Does the syntax include a lexical element called an "h-string"?
>
Actually what I did would be more accurately described as working _over_
the compiler instead of working _on_ the compiler. :-)
Sorry, I just assumed you knew. Here's the end result of a little research
project I did in 2017:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17482
Basically, for 33 years, it was possible for a non-privileged user
with access to the DCL command line and a normal DCLTABLES to
totally compromise VMS on VAX and Alpha.
The same problem is in Itanium VMS, but Itanium VMS cannot be compromised
(at least directly) using this vulnerability due to the unique nature
of the Itanium architecture.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list