Great paper! Re: 2.1.4 'sizeof considered harmful': not what I thought it was going to be about. There's a class of bug where they bzero(ptr, sizeof(ptr)) instead of bzero(ptr, sizeof(*ptr)), leaving the rest uninitialized. Also, no mention of out-of-bounds read? https://twitter.com/j00ru/status/1009839823195181056 …
Thanks! There are indeed some other potential issues related to "sizeof", but the one I intended to highlight was that it often leads to non-obvious bugs even if it's used seemingly correctly.

It essentially embodies the disconnect between the number of initialized bytes in an object vs. its size in memory, with the latter being in some sense "hidden" from the developer and controlled by the compiler, leading to unexpected infoleaks.

Re: out-of-bounds reads, I agree that they may also lead to memory disclosure, but for fundamentally different reasons. As memory-safety violations were outside the scope of the paper, so were out-of-bounds accesses.
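The two sizeof problems raised in this exchange can be made concrete in a few lines of C. The following is an added example, not code from the paper or from either participant: it uses a hypothetical `struct record` whose layout makes common ABIs insert padding, pre-fills the object's memory with a constructed stale pattern (`STALE_BYTE`) to stand in for leftover heap or stack contents, and then counts how many bytes of the object still carry that pattern after three initialisation styles: setting every field (the "seemingly correct" case from the reply above), clearing `sizeof(ptr)` bytes (the class of bug from the first tweet), and clearing `sizeof(*ptr)` bytes. The stale count is exactly the number of bytes that would be disclosed if the whole object were later copied out to a less privileged context.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record type. The field order is chosen so that typical ABIs
 * insert padding after `kind` (to align `id`) and after `flags` (to round the
 * object up to its alignment). Those padding bytes count towards
 * sizeof(struct record) but no field assignment ever writes them. */
struct record {
    uint8_t  kind;
    uint64_t id;
    uint16_t flags;
};

/* Constructed stand-in for whatever was previously stored at this address. */
#define STALE_BYTE 0xAA

enum init_style {
    INIT_FIELDS_ONLY,   /* assign every field, never touch the padding       */
    INIT_BAD_BZERO,     /* clear sizeof(ptr) bytes: the pointer, not the object */
    INIT_FULL_MEMSET    /* clear sizeof(*ptr) bytes: the whole object          */
};

/* Simulate reuse of stale memory: fill the object with STALE_BYTE, initialise
 * it the chosen way, then count the bytes that still hold the stale pattern.
 * Field values are chosen so that none of their bytes equals STALE_BYTE. */
size_t stale_bytes_after_init(enum init_style style)
{
    struct record *r = malloc(sizeof *r);
    if (r == NULL)
        return (size_t)-1;
    memset(r, STALE_BYTE, sizeof *r);

    if (style == INIT_BAD_BZERO) {
        /* Same mistake as bzero(ptr, sizeof(ptr)). It is written through a
         * variable only because modern compilers diagnose the direct form
         * (-Wsizeof-pointer-memaccess), which is itself a useful check. */
        size_t n = sizeof(r);          /* size of the pointer: 4 or 8 bytes */
        memset(r, 0, n);
    } else if (style == INIT_FULL_MEMSET) {
        memset(r, 0, sizeof(*r));      /* size of the object, padding included */
    }

    r->kind  = 1;
    r->id    = 0x0102030405060708ULL;
    r->flags = 0x0102;

    const unsigned char *bytes = (const unsigned char *)r;
    size_t stale = 0;
    for (size_t i = 0; i < sizeof *r; i++)
        if (bytes[i] == STALE_BYTE)
            stale++;

    free(r);
    return stale;
}

/* Padding inserted by the compiler: sizeof minus the sum of the field sizes.
 * This is the "hidden" part of the object's size the reply above refers to. */
size_t padding_bytes(void)
{
    return sizeof(struct record)
         - (sizeof(uint8_t) + sizeof(uint64_t) + sizeof(uint16_t));
}

int main(void)
{
    printf("sizeof(struct record) = %zu, of which %zu bytes are padding\n",
           sizeof(struct record), padding_bytes());
    printf("all fields assigned   : %zu stale bytes\n",
           stale_bytes_after_init(INIT_FIELDS_ONLY));
    printf("cleared sizeof(ptr)   : %zu stale bytes\n",
           stale_bytes_after_init(INIT_BAD_BZERO));
    printf("cleared sizeof(*ptr)  : %zu stale bytes\n",
           stale_bytes_after_init(INIT_FULL_MEMSET));
    return 0;
}
```

On an LP64 target the struct is 24 bytes with 13 bytes of padding: assigning every field leaves all 13 stale, the pointer-sized clear removes only the 7 bytes that follow `kind` and leaves the 6 trailing bytes, and clearing `sizeof(*ptr)` leaves none. The exact numbers depend on the ABI, but the ordering does not, which is why zeroing the whole object before filling in fields is the usual remedy when it will cross a privilege boundary.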