Dailydave mailing list archives
RE: We have met the enemy, and the enemy is ... you.
From: pageexec () freemail hu
Date: Wed, 12 Apr 2006 21:13:12 +0200
On 11 Apr 2006 at 18:28, jnf wrote:
What I've never understood is why functionality available on the platform itself is not used as a means of preventing common vulnerabilities?
by 'not used' i guess you meant 'not used in widely available systems', as otherwise it's not true, there's quite some research that does use (or invent and implement/simulate) platform specific features.
For instance on the x86 platform you have the bound and into instructions that determine if a pointer is still within bounds and if an int overflow has occured respectively.
'bound' has the problem of being very slow. a few years ago i did some micro benchmarking on bounds checking primitives, 'bound' turned out to be four times slower than a 'cmp/jb forward/cmp/jae forward' sequence (that's on a P3, on a P4 it was even worse). besides this low-level detail, the real problem with any bounds checking is the storage (ABI compatibility with uninstrumented code) and lookup (performance impact) of bounds metadata. there're many solutions but none of them are efficient enough to be widely deployable (google up the Jones and Kelly bounds checking gcc extension, CRED, mudflap, etc).
A while back Theo made a big deal about int overflows and how they were undetectable to the program, however thats only at the level of the source, at the assembly level they are detectable and preventable.
they're detectable at the source level as well, else all those explicit overflow/wraparound checks would be in vain and we'd be in big trouble ;-). the real issue is that these checks must be explicitly added to the code, which is prone to error (by being omitted altogether or badly constructed), so automation would surely help... were it not for constructs where overflow happens normally and causes no problems and then you're back to manual markup.
Current thread:
- Re: We have met the enemy, and the enemy is ... you., (continued)
- Re: We have met the enemy, and the enemy is ... you. TINNES Julien RD-MAPS-ISS (Apr 13)
- RE: We have met the enemy, and the enemy is ... you. Knape, Joe (Apr 11)
- Re: We have met the enemy, and the enemy is ... you. Joel Eriksson (Apr 11)
- RE: We have met the enemy, and the enemy is ... you. pageexec (Apr 11)
- RE: We have met the enemy, and the enemy is ... you. redsand (Apr 11)
- Re: We have met the enemy, and the enemy is ... you. Dave Aitel (Apr 11)
- Re: We have met the enemy, and the enemy is ... you. toby (Apr 12)
- Re: We have met the enemy, and the enemy is ... you. Ian Melven (Apr 11)
- Re: We have met the enemy, and the enemy is ... you. redsand (Apr 11)
- RE: We have met the enemy, and the enemy is ... you. jnf (Apr 11)
- RE: We have met the enemy, and the enemy is ... you. pageexec (Apr 12)
- Re: We have met the enemy, and the enemy is ... you. Michael Spath (Apr 13)
- Re: We have met the enemy, and the enemy is ... you. Ian Melven (Apr 13)
- Re: We have met the enemy, and the enemy is ... you. jnf (Apr 14)
- Re: We have met the enemy, and the enemy is ... you. Halvar Flake (Apr 14)
- Re: We have met the enemy, and the enemy is ... you. Oezguer Kesim (Apr 14)
- Re: We have met the enemy, and the enemy is ... you. Michael Spath (Apr 14)
- RE: We have met the enemy, and the enemy is ... you. pageexec (Apr 13)