From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,124905131f269735 X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2001-09-27 02:26:05 PST From: Erik Johannessen Newsgroups: comp.lang.ada Subject: Re: gnat and heap size Date: 27 Sep 2001 11:02:56 +0200 Organization: Kongsberg Defence and Aerospace Message-ID: References: <1001442590.557811@news.drenet.dnd.ca> <3BB10E2C.8C57FFE1@linuxchip.demon.co.uk> NNTP-Posting-Host: 150.1.31.59 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Gnus/5.0802 (Gnus v5.8.2) XEmacs/21.1 (Acadia) Path: archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!news.tele.dk!small.news.tele.dk!195.158.233.21!news1.ebone.net!news.ebone.net!easynet-monga!easynet-melon!easynet.net!uio.no!Norway.EU.net!193.71.169.73!spiten.kongsberg.com!kongsberg!not-for-mail Xref: archiver1.google.com comp.lang.ada:13428 Date: 2001-09-27T11:02:56+02:00 List-Id: Erik Johannessen writes: > The fun part here is that you can stay within the bounds you've > declared for the array, but access memory outside of the area > allocated for the array. If you've got other data on the heap after > the array you'll get some interesting bugs. :) > > The following code demonstrates the problem [...] > Compiled with gnat-3.14a1 on sparc-solaris2.6 I get: > > ./matrix > Found 42 at index 42 in b And in this example the array bounds for b can be overwritten as well (since they are stored right before the first array element). -Erik -- /d{def}def/m{mul}d/a{add}d/q{repeat}d/y 1 d 300{/x 1 d 600{/c x 600 div 4 m 2 sub d/z y 300 div 2 m 1 sub d/r 0 d/i 0 d/t 0 d{t 1 le{/n r r m i i m sub c a d/b 2 r m i m z a d/r n d/i b d r r m i i m a 16 gt{exit}if} {exit}ifelse/t t .01 a d}loop t setgray x y moveto 1 1 rlineto stroke/x x 1 a d}q /y y 1 a d}q