[Info-vax] Whither VMS?
Bob Eager
rde42 at spamcop.net
Fri Oct 2 10:50:27 EDT 2009
On Fri, 02 Oct 2009 15:18:30 +0200, Jordi Guillaumes i Pons wrote:
> En/na Michael Kraemer ha escrit:
>>
>> The str*() functions exist for convenience. If one has problems of that
>> kind, I'd indeed store data in a dedicated struct (ptr,len).
>>> One result of null termination is the easy buffer overflow of many
>>> programs today
>>
> Programmers are, some times, lazy. Specially when they work under
> unrealistic schedules and not enough resources. You can find a lot of
> things like this in production:
>
> void someFunction(char *someString) {
> char aBuffer[1024];
>
> .
> .
> .
> strcpy(aBuffer, someString);
> doSomething(aBuffer);
> .
> .
> .
> }
>
> The problem is that in C you don't have tools (AFAIK)
Google "Purify memory checker"
> interesting, since in architectures like x86 that can overwrite the
> stack frame
As you can in the VAX...
> Of course, that could'nt happen in a VAX. All you would get is a ACCVIO,
> since VAX has a exec bit for each page, and the stack should not be exec
> utable. But on the x86 they have that kind of protection only recently.
The exec bit won't save the stack frame. It'll stop part of the stack
being executed as code, and it'll stop a corrupted return link diving
into non-code, but it won't stop a corrupted return link diving into a
different bit of code.
--
Use the BIG mirror service in the UK:
http://www.mirrorservice.org
More information about the Info-vax
mailing list