On Fri, 17 Oct 2003, Simon Glover wrote:
>
> What, if any, validation of their input should the register access
> functions in the extension API do? Currently, they don't do any,
> which means that you can create a buffer overflow simply by using
> a register number >31 or <0; eg,
>
> Parrot_set_intreg(interpreter, 100000000, 100);
>
> reliably segfaults on my machine. Is it the responsibility of the
> extension writer to do this kind of bounds checking (in which case
> we need to make this extremely plain in the documentation), or should
> Parrot do this itself?
This ought to be done by the extension API, though it was something I
skimped on when I was throwing it together.
Dan
