Interesting C thingy

Bennett Todd bet at rahul.net
Mon Aug 9 11:11:30 PDT 2004


2004-08-09T18:09:01 Miguel Bazdresch:
> * Jason Gurtz <jason at tommyk.com> [2004-08-09 17:55]:
> > On 8/9/2004 12:56, Miguel Bazdresch wrote:
> > > printf("%c\n",9[str]); only prints the newline, I expected it to
> > > segfault :)
> > 
> > Hmm, well maybe, maybe not.  Clearly it's beyond the bounds of the array
> >  which is legal.  But you don't know what you're going to get.  Maybe
> > you were lucky and got \0?
> 
> Does that mean reading unallocated memory is fine?

Nope, attempts to access unallocated memory should give you a
segfault. This was unlikely to be unallocated, though; it was just a
few bytes off the end of an allocated string, which means it was
probably somewhere in allocated memory --- string literals are
probably gathered into a pool and stored together, and in any case
memory allocations are probably rounded to pages.

> What about kernel memory, [...]

Nope, attempts to access there should blow.

> [...] or the memory where some guy's (logged to the same machine)
> gpg key is stored?

Likewise --- although such keys are sufficiently sensitive that apps
needed to handle such material should try to overwrite the memory
where they held it as soon as they're done with it.

-Bennett
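
The page-granularity point in the reply above, as an added example that is not part of the original message: reading `str[9]` from a 6-byte string succeeds when the byte still lies in a mapped page and faults only when it lands in an unmapped or protected one. It assumes a Linux/POSIX system; `probe_read` and its parameters are hypothetical names, and the guard page is constructed here with `mprotect`.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS on glibc */
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: maps two pages, makes the second PROT_NONE (a guard
 * page), stores "hello" either at the start of page 0 or flush against its
 * end, then reads str[off] in a child process so a fault cannot kill us.
 * Returns 0 if the read succeeded, the killing signal if the child faulted,
 * -1 on setup failure. */
int probe_read(size_t off, int str_at_page_end)
{
    const char msg[] = "hello";                 /* 6 bytes with the NUL */
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    char *base = mmap(NULL, 2 * pg, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return -1;
    if (mprotect(base + pg, pg, PROT_NONE) != 0) {
        munmap(base, 2 * pg);
        return -1;
    }
    char *str = str_at_page_end ? base + pg - sizeof msg : base;
    memcpy(str, msg, sizeof msg);

    pid_t pid = fork();
    if (pid == 0) {                             /* child: do the risky read */
        volatile char c = ((volatile char *)str)[off];
        (void)c;
        _exit(0);
    }
    int status = 0;
    int ok = pid > 0 && waitpid(pid, &status, 0) == pid;
    munmap(base, 2 * pg);
    if (!ok)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("str[9], string at page start: %d\n", probe_read(9, 0));
    printf("str[9], string at page end:   %d\n", probe_read(9, 1));
    return 0;
}
```

The first call returns 0 because the stray byte is still inside the readable page; the second returns the fault signal because the same offset now falls in the guard page.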