This is very interesting. I've always wondered if anyone did this on
purpose, and I've always wondered what the big deal is with just
adding array range checking to C. A company with tons of internal
software development, and whose existence is made miserable by buffer
under/over flows, could surely pull this off. For example, Microsoft
could change the compilers that they use internally, and any
programmers found to be depending on the persistence of memory "next
to" an array would be taken out and shot.
I'm sure someone will respond, telling me why this would be a bad
idea or impossible, but that's my two cents worth.
Lance
On Sep 16, 2005, at 4:55 PM, memsom wrote:
It's great that 2.0 is out! Unfortunately it seems to break some
code I used for Porter Stemming because the code sometimes reads data
from a pchar at negative indexes. Reportedly this works fine in
Delphi 5 and I don't seem to have trouble with Delphi 7 but it
generates RTEs using fpc 2.0. (If this is a FAQ, forgive me, I've
been away from Free Pascal for a while...)
Reading PChars at negative indexes? Buffer underrun in other
words... This
is absolutely not a good thing. If FPC is preventing buffer under and
overrruns, then it is actually right, for once, and Delphi is wrong,
wrong, wrong!
A question... how do you know the memory at the negative index is
valid?
Various factors (memory management, record alignement and poor
consistency
in longterm projects) can alter what you are reading drastically.
Even if
you *believe* you know what it is. This is the kind of horror story
I see
sometimes in Legacy code that makes me wonder how the darn thing
_ever_
worked all these years. You ask the guy maintaining it and he goes all
mistical - "It just works, but no one remembers why.. we dare not
change
it because last time somebody did anything to it the entive project
A/V'd
every 30 seconds and died in a puff of green smoke."
M
M
This is very interesting. I've always wondered if anyone did this on
purpose, and I've always wondered what the big deal is with just
adding array range checking to C. A company with tons of internal
software development, and whose existence is made miserable by buffer
under/over flows, could surely pull this off. And surely it wouldn't
break _that_ much code. For example, Microsoft could change the
compilers that they use internally, and any programmers found to be
depending on the persistence of memory "next to" an array would be
taken out and shot.
I'm sure someone will respond, telling me why this would be a bad
idea or impossible, but that's my two cents worth.
Lance
_______________________________________________
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
