comp.lang.ada
From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Pascal Calling Convention
Date: Tue, 29 Mar 2011 18:45:16 -0500
Message-ID: <imtqug$b1r$1@munin.nbi.dk>
In-Reply-To: e927347b-4f90-471a-b574-878e655eba89@34g2000pru.googlegroups.com

"Shark8" <onewingedshark@gmail.com> wrote in message 
news:e927347b-4f90-471a-b574-878e655eba89@34g2000pru.googlegroups.com...
> On Mar 28, 8:32 pm, "Randy Brukardt" <ra...@rrsoftware.com> wrote:
>> Not relevant to this discussion, but I think that's sad, as a lot of the
>> security problems inherent in buffer overflows would have been avoided by
>> simply keeping separate code and data segments. That would prevent code
>> on the stack from being executed. (We found a lot of problems in
>> Janus/Ada by keeping the code and data segments in our DOS Extender
>> compilers completely separate; it's been quite a bit harder to find those
>> problems on Windows or Unix systems that don't properly separate them.)
>> The problem with segments is segments that are too small, not the basic
>> idea.
>
>...but aren't segments, in 32-bit machines, capable of doing 4GB?

Right. That's why it is sad that operating systems stopped using them when 
they moved to 32-bit. In the 16-bit systems, the segments could be too 
small, which made things messy to use, but that is much less of a problem 
for 32-bit segments.

>But I see what you mean about data/code segment separation... though
>it can also be a source of frustration if you want to do some
>self-modifying code.

But that's actually a feature. To do self-modifying code, you have to ask 
the OS for a read-write-execute code/data segment. The vast majority of 
programs have no good reason for doing that, so they would have no way to 
execute injected code (presuming that the compiler run-time does not include 
unused APIs). That alone would have made programs safer, by blocking most of 
the avenues that buffer overflows could have been exploited.

One could even imagine that using that API would require elevated 
permissions and signed executables (although I think that was not something 
that was worried about in 1990).

Of course, recent OSes have been trying to graft this sort of security back 
on (breaking lots of code), but that all could have been avoided if the code 
and data had been truly separate in the first place.

                              Randy.
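
The check below is an added example, not part of the original post or of Janus/Ada: it audits a process's memory map for regions that are both writable and executable, the read-write-execute combination the message says most programs never need. It assumes the Linux `/proc/<pid>/maps` text format; `find_wx_mappings`, `struct wx_hit` and the sample map are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <string.h>

/* One flagged mapping: address range, permissions and backing path. */
struct wx_hit {
    unsigned long long start, end;
    char perms[5], path[128];
};

/* Constructed sample in /proc/<pid>/maps format (not from a real process). */
static const char SAMPLE_MAPS[] =
    "00400000-0040c000 r-xp 00000000 08:01 1234   /usr/bin/demo\n"
    "0060b000-0060c000 rw-p 0000b000 08:01 1234   /usr/bin/demo\n"
    "7f1000000000-7f1000001000 rwxp 00000000 00:00 0\n"
    "7ffd10000000-7ffd10021000 rwxp 00000000 00:00 0   [stack]\n";

/* Record every mapping that is both writable and executable. Returns the
 * number found; only the first max_hits are stored in hits[]. */
int find_wx_mappings(const char *maps, struct wx_hit *hits, int max_hits)
{
    int found = 0;
    for (const char *line = maps; *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        char buf[256];
        if (len < sizeof buf) {              /* over-long lines are skipped */
            struct wx_hit h = {0};           /* path stays "" if anonymous */
            memcpy(buf, line, len);
            buf[len] = '\0';
            /* fields: start-end perms offset dev inode [path] */
            int n = sscanf(buf, "%llx-%llx %4s %*s %*s %*s %127[^\n]",
                           &h.start, &h.end, h.perms, h.path);
            if (n >= 3 && h.perms[1] == 'w' && h.perms[2] == 'x') {
                if (found < max_hits)
                    hits[found] = h;
                found++;
            }
        }
        line += len + (eol ? 1 : 0);
    }
    return found;
}

int main(void)
{
    struct wx_hit hits[8];
    int n = find_wx_mappings(SAMPLE_MAPS, hits, 8);
    for (int i = 0; i < n && i < 8; i++)
        printf("W+X: %llx-%llx %s\n", hits[i].start, hits[i].end,
               hits[i].path[0] ? hits[i].path : "(anonymous)");
    return 0;
}
```
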




