comp.lang.ada
From: Georg Bauhaus <rm.dash-bauhaus@futureapps.de>
Subject: Re: not null
Date: Thu, 05 Mar 2009 15:24:38 +0100
Message-ID: <49afe0a7$0$31878$9b4e6d93@newsspool3.arcor-online.net>
In-Reply-To: <faf30fd2-2aa8-43e6-8159-9f1b75dcd339@n33g2000pri.googlegroups.com>

Adam Beneschan wrote:
> On Mar 4, 7:22 am, Georg Bauhaus <rm.dash-bauh...@futureapps.de>
> wrote:
> 
>> The overall impact of refs not "attached" (to use
>> an Eiffel term; not null is spreading through languages
>> it seems; C++, too?) is a financial disaster, with
>> possibly one exception: there is money in a business
>> selling software components whose purpose is to guard
>> the holes kept open by operating system sellers.
>>
>> (Antivirus etc.)
> 
> Is there any basis for this last comment?  I've seen lots of reports
> of vulnerabilities caused by buffer overflows combined with lack of
> range checking, and by double-deallocation errors (deallocating the
> same chunk of memory twice and making hash of your heap structures),
> but I don't recall seeing any caused by null references.  Errors
> involving null references seem a lot more likely just to make programs
> die unexpectedly, than to allow arbitrary code execution or the like.

You have caught me in an argument over CeBIT discussions
concerning the security of OSs and server software,
so I might have been carried away.

OTOH, the very presence of null values seems close
to the causes of buffer overflow, of accessing/overwriting
data off bounds, etc. This is simply because NULL
(similarly, '\0') is thought of as a regular thing,
for the programmer to handle routinely with any
sequential piece of data.
strcat(3) and relatives, as its counterparts at the
end of arrays of structures, rely on null values.
You need the dangerous thing to get anything done.
Caveat emptor.
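
The reliance on a terminating '\0' or NULL entry that the message describes, shown as an added example that is not part of the original post: each routine takes the real buffer size and reports a missing sentinel instead of scanning past the end. The names `bounded_cat`, `count_entries`, `struct entry` and the `demo_*` helpers are hypothetical, and all inputs are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Append src to dst without trusting either '\0' to be present.
 * cap and src_cap are the real sizes of the two buffers.
 * Returns 0 on success, -1 if a terminator is missing or the result
 * (including its terminator) would not fit in dst. */
int bounded_cat(char *dst, size_t cap, const char *src, size_t src_cap)
{
    const char *d_end = memchr(dst, '\0', cap);
    const char *s_end = memchr(src, '\0', src_cap);
    if (d_end == NULL || s_end == NULL)
        return -1;              /* no sentinel: strcat(3) would read off bounds */
    size_t dlen = (size_t)(d_end - dst);
    size_t slen = (size_t)(s_end - src);
    if (slen >= cap - dlen)
        return -1;              /* no room for src plus its '\0' */
    memcpy(dst + dlen, src, slen + 1);
    return 0;
}

/* Array of structures ended by a {NULL, 0} entry (hypothetical layout). */
struct entry { const char *name; int value; };

/* Count entries before the NULL terminator, inspecting at most max slots.
 * Returns -1 when the terminator is absent instead of walking onward. */
long count_entries(const struct entry *tab, size_t max)
{
    for (size_t i = 0; i < max; i++)
        if (tab[i].name == NULL)
            return (long)i;
    return -1;
}

/* Constructed inputs exercising the normal case and each failure mode. */
int demo_fits(void) {
    char buf[8] = "ab";
    return bounded_cat(buf, sizeof buf, "cd", 3) == 0 && strcmp(buf, "abcd") == 0;
}
int demo_unterminated_src(void) {
    char src[4] = {'a', 'b', 'c', 'd'};   /* deliberately has no '\0' */
    char buf[8] = "";
    return bounded_cat(buf, sizeof buf, src, sizeof src);
}
int demo_too_long(void) {
    char buf[4] = "abc";                   /* full: only the '\0' slot is left */
    return bounded_cat(buf, sizeof buf, "d", 2);
}
long demo_table(int terminated) {
    struct entry t[3] = {{"a", 1}, {"b", 2}, {NULL, 0}};
    if (!terminated) t[2].name = "c";      /* overwrite the sentinel entry */
    return count_entries(t, 3);
}
```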



