In the hope to amuse at least some of you...

Oleg Goldshmidt <p...@goldshmidt.org> writes:

> So you've been lucky so far. At some point you will inevitably run into
> client code that occasionally does something stupid like passing a
> signed integer as size. Trust me, when that happens the size parameter
> usually turns out to be -6. You will have no control over it.

I sent this and tried to figure out what had made me write -6 and not -5 or -7. This:

http://translate.google.com/translate?sl=sv&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwww.svd.se%2Fnaringsliv%2Fnyheter%2Fsverige%2Fmonsterorder-stoppade-borsen_7708362.svd&act=url

Brief explanation not in the newspaper: the Stockholm stock exchange crashed horribly in 2012. From the screenshot fragment shown it seems pretty obvious what happened. Someone probably tried to short sell 6 OMSX30 (main Swedish stock index) futures contracts, which was represented as buying -6 of them (or maybe it was a lack of input validation), and somewhere along the way the order size was cast to unsigned int. At which point it became clear that no one could buy 131 times the Swedish GDP in one go.

No, malloc probably was not involved. There was, however, a request for too much of an abundant, but still limited, resource - quite similar. I was definitely not involved.

The result demonstrates the difference between an uncontrolled crash and proper error handling that could reject a clearly erroneous order and keep the exchange operational.

--
Oleg Goldshmidt | p...@goldshmidt.org

_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
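The conversion described in the message above, as an added example that is not part of the original post: a signed quantity of -6 cast to a 32-bit unsigned value, next to a boundary check that rejects it before conversion. The function names, the status codes and the `MAX_ORDER_QTY` ceiling are hypothetical and chosen only for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-order ceiling, chosen for illustration only. */
#define MAX_ORDER_QTY 10000u

enum order_status { ORDER_OK = 0, ORDER_NEGATIVE, ORDER_TOO_LARGE };

/* The failure mode: a signed quantity silently converted to unsigned.
 * The conversion is modulo 2^32, so -6 becomes 4294967290. */
uint32_t qty_unchecked(int32_t signed_qty)
{
    return (uint32_t)signed_qty;
}

/* Validate while the value is still signed, and only then convert.
 * On error *out is left untouched, so a bad quantity cannot propagate. */
enum order_status qty_checked(int32_t signed_qty, uint32_t *out)
{
    if (signed_qty < 0)
        return ORDER_NEGATIVE;
    if ((uint32_t)signed_qty > MAX_ORDER_QTY)
        return ORDER_TOO_LARGE;
    *out = (uint32_t)signed_qty;
    return ORDER_OK;
}

int main(void)
{
    /* Constructed inputs: a sane order, the -6 case, an oversized order. */
    const int32_t samples[] = { 6, -6, 2000000 };
    static const char *names[] = { "accepted", "rejected: negative",
                                   "rejected: too large" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t qty = 0;
        enum order_status st = qty_checked(samples[i], &qty);
        printf("input %ld: unchecked cast = %lu, checked = %s\n",
               (long)samples[i],
               (unsigned long)qty_unchecked(samples[i]),
               names[st]);
    }
    return 0;
}
```

The same check applies to a size handed to an allocator: test the signed value first, then convert to the unsigned type.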