Re: [Lit.] Buffer overruns

From: Anne & Lynn Wheeler (lynn_at_garlic.com)
Date: 02/06/05


Date: Sun, 06 Feb 2005 08:43:45 -0700


"Douglas A. Gwyn" <DAGwyn@null.net> writes:
> There shouldn't be. The primary purpose of assembly language is for
> the programmer to specify *exactly* what machine instructions (at
> the ISA level) are used and in what way. Very few ISAs even have
> the concept of a bounded array (apart possibly from a memory
> segment, which generally isn't suitable for that purpose).

although there are machine instructions that require explicit length
bounds before the instruction starts ... so there are some instruction
semantics that require that both origin and destination lengths are
explicitly known as part of invoking the instruction (as part of the
instruction semantics). this tends to promote infrastructures with
determinable storage area lengths as part of invoking the instruction
... as compared to infrastructures where lengths are actually explicit
... like strings where the boundaries are actual length paradigms but
implicit in data structures embedded in the storage areas.

one of the things normally required for most ABC implementations are
infrastructure determinable storage lengths that can be used as part
of bounds specification. for instance the prevalent string paradigm
doesn't have a length value for an ABC operation that is able to
determine whether an arbitrary byte location is on one side of the
string bound or the other side of the string bound ... without
scanning the string itself for the data-pattern bound characteristic.

Most ABC operations tend to have calculatable storage address bound
based on an infrastructure providing either explicit start/length or
start/end value pairs .... as opposed to infrastructure bounds
semantics based on arbitrary data pattern contained somewhere in the
storage area (or no available infrastructure determinable bound pair
value at all).

in the 370 MVCL instruction both the source and target origins and
lengths are specified separately (along with optional fill character
to be used in situation where the source length is less than the
target length). This would be considered an ABC semantics that is part
of the machine instruction specification.

One possible difference between most higher level programming
languages and most machine programming languages ... is that in the
higher level programming languages, the actual machine instructions
don't tend to be known by the programmer ... and there can be
different instructions generated/executed with ABC active or not
active. However, other ABC paradigms are possible ... like with the
370 MVCL instruction where the bounds specifications are actually part
of the instruction semantics. Other ABC paradigms are at a more gross
level ... the use of store protect (and virtual address space mapping)
to preclude programs from wild stores outside their security domain
(common countermeasure preventing arbitrary applications from
overlaying kernel storage areas).

Now, many hardware architectures have had various kinds of storage
protection mechanisms for decades ... which doesn't correct program
behavior any more than fine-grain ABC operations correct program
behavior. However, it has become recognized that various kinds of
application mis-behavior countermeasures are an extremely useful
characteristic.

-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
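
An added C sketch, not part of the original post, contrasting the MVCL-style move described above (separate origin and length for source and target, plus a fill character) with a bound that can only be found by scanning for a data pattern. The names `bounded_move` and `bound_by_scan` are hypothetical, the result codes are modelled on the MVCL condition code, and the overlap test is a simplification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes modelled on the MVCL condition code. */
enum { CC_EQUAL = 0, CC_DST_SHORT = 1, CC_DST_LONG = 2, CC_OVERLAP = 3 };

/* Hypothetical helper: destination and source lengths are stated
 * separately, so no store can land outside dst[0 .. dst_len). */
int bounded_move(unsigned char *dst, size_t dst_len,
                 const unsigned char *src, size_t src_len,
                 unsigned char fill)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    size_t n = dst_len < src_len ? dst_len : src_len;

    /* Simplified destructive-overlap test: the destination starts inside
     * the source bytes that are still to be read, so nothing is moved. */
    if (d > s && d - s < n)
        return CC_OVERLAP;

    memmove(dst, src, n);               /* copy only what fits */
    memset(dst + n, fill, dst_len - n); /* pad a longer destination */

    if (dst_len == src_len)
        return CC_EQUAL;
    return dst_len < src_len ? CC_DST_SHORT : CC_DST_LONG;
}

/* The string paradigm: the bound is a data pattern (NUL) inside the area,
 * found only by scanning. Returns area_len when the area holds no NUL. */
size_t bound_by_scan(const unsigned char *area, size_t area_len)
{
    const unsigned char *nul = memchr(area, 0, area_len);
    return nul ? (size_t)(nul - area) : area_len;
}

int main(void)
{
    unsigned char target[8];
    const unsigned char source[] = "ABC";   /* constructed sample data */
    int cc = bounded_move(target, sizeof target, source, 3, ' ');
    printf("cc=%d target=\"%.8s\" scan bound of source=%zu\n",
           cc, (const char *)target, bound_by_scan(source, sizeof source));
    return 0;
}
```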

