WebAssembly lets applications write/read to NULL. Even if, by design, WASM prevents whole classes of vulnerabilities, that sounds like a regression over what all modern operating systems do, which has proven to prevent many bugs and exploitable vulnerabilities.
It would probably restore that behavior. But now, (uintptr_t)0 != (void *) 0. You can’t initialize a pointer array with calloc() or memset(0) any more. This is going to break things.
-
But isn't this exploiting the knowledge that NULL is 0? :) I know what you're saying is that this is knowledge that people exploit in practice even though they shouldn't.
-
Yes. Quickly initializing arrays of things that include pointers using memset(0) or calloc() is a very common practice.