lecture19

Prof. Aiken CS 143 Lecture 19

Language Security
Lecture 19

Lecture Outline
• Beyond compilers
  – Looking at other issues in programming language design and tools
• C
  – Arrays
  – Exploiting buffer overruns
  – Detecting buffer overruns

Platitudes
• Language design has influence on
  – Safety
  – Efficiency
  – Security

C Design Principles
• Small language
• Maximum efficiency
• Safety less important
• Designed for the world in 1972
  – Weak machines
  – Trusted networks

Arrays in C
    char buffer[100];
Declares and allocates an array of 100 chars
[Figure: the array drawn as a row of cells, index labels 0, 2, 99, total size 100 * sizeof(char)]

C Array Operations
    char buf1[100], buf2[100];
Write:
    buf1[0] = 'a';
Read:
    return buf2[0];
What’s Wrong with this Picture?
    int i = 0;
    for(i = 0; buf1[i] != '\0'; i++) {
        buf2[i] = buf1[i];
    }
    buf2[i] = '\0';

Indexing Out of Bounds
The following are all legal C and may generate no run-time errors
    char buffer[100];
    buffer[-1] = 'a';
    buffer[100] = 'a';
    buffer[100000] = 'a';

Why?
• Why does C allow out of bounds array references?
  – Proving at compile-time that all array references are in bounds is very difficult (impossible in C)
  – Checking at run-time that all array references are in bounds is expensive

Code Generation for Arrays
    buf1[i] = 1; /* buf1 has type int[] */

    r1 = load &buf1;
    r2 = load i;
    r3 = r2 * 4;
    r4 = r1 + r3
    store r4, 1

Discussion
• 5 instructions worst case
• Often &buf1 and i already in registers
  – Saves 2 instructions
• Many machines have indirect loads/stores
  – store r1[r3], 1
  – Saves 1 instruction
• Best case 2 instructions
  – Offset calculation and memory operation

Code Generation for Arrays with Bounds Checks
    buf1[i] = 1; /* buf1 has type int[] */

    r1 = load &buf1;
    r2 = load i;
    r3 = r2 * 4;
    if r3 < 0 then error;
    r5 = load limit of buf1;
    if r3 >= r5 then error;
    r4 = r1 + r3
    store r4, 1
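Added example, not part of the lecture slides: the copy loop from "What’s Wrong with this Picture?" beside a version that performs the two comparisons from "Code Generation for Arrays with Bounds Checks" in C source. The function names copy_unchecked, checked_store and copy_checked are hypothetical, and the input strings are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* The slide's loop: it stops only at the source terminator, so it writes
 * past buf2 whenever the string in buf1 is longer than buf2 can hold. */
static void copy_unchecked(char *buf2, const char *buf1) {
    int i;
    for (i = 0; buf1[i] != '\0'; i++) {
        buf2[i] = buf1[i];
    }
    buf2[i] = '\0';
}

/* The slides' bounds-checked store, on element indices instead of byte
 * offsets: reject i < 0 and i >= limit before touching memory. */
static int checked_store(char *buf, long limit, long i, char value) {
    if (i < 0) return -1;
    if (i >= limit) return -1;
    buf[i] = value;
    return 0;
}

/* Same loop with every write routed through checked_store. Returns 0 on
 * success, -1 if the copy would overrun buf2 (buf2 is then unterminated). */
static int copy_checked(char *buf2, long limit, const char *buf1) {
    long i;
    for (i = 0; buf1[i] != '\0'; i++) {
        if (checked_store(buf2, limit, i, buf1[i]) != 0) return -1;
    }
    return checked_store(buf2, limit, i, '\0');
}

int main(void) {
    char small[8];
    char big[100];
    const char *src = "constructed sample input"; /* 24 chars: too long for small[] */

    copy_unchecked(big, src); /* in bounds only because big[] is large enough */
    printf("fits:     %d\n", copy_checked(big, sizeof big, src));
    printf("overrun:  %d\n", copy_checked(small, sizeof small, src));
    printf("exact:    %d\n", copy_checked(small, sizeof small, "1234567"));
    printf("off by 1: %d\n", copy_checked(small, sizeof small, "12345678"));
    return 0;
}
```

The "off by 1" case fails on the terminator write, the store the unchecked loop performs after its exit test.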