behavior, upon use of a nonportable or erroneous program con‐
struct or of erroneous data, for which this International Standard
imposes no requirements
Consider the following C program:
int main(int argc, char **argv) {
unsigned long a[1];
a[3] = 0x7ffff7b36cebUL;
return 0;
}
According to C99, because this program accesses an element off the
end of the array a, its behavior is undefined, meaning that it can do
anything whatsoever. On my computer, this morning, running this
program produced the output:
undef: Error: .netrc file is readable by others.
undef: Remove password or make file unreadable by others.
Then it crashes. I don’t even have a .netrc file.
The machine code the C compiler generated for my main function
happens to place the array a on the stack three words before the
return address, so storing 0x7ffff7b36cebUL in a[3] changes poor
main’s return address to point into the midst of code in the C stan‐
dard library that consults one’s .netrc file for a password. When my
main returns, execution resumes not in main’s caller, but at the
machine code for these lines from the library:
warnx(_("Error: .netrc file is readable by others."));
warnx(_("Remove password or make file unreadable by others."));
goto bad;
In allowing an array reference to affect the behavior of a subsequent
return statement, my C compiler is fully standards-compliant. An
“undefined” operation doesn’t just produce an unspecified result: it
is allowed to cause the program to do anything at all.
The C99 standard grants the compiler this carte blanche to allow it
to generate faster code. Rather than making the compiler responsi‐
ble for detecting and handling odd behavior like running off the end
of an array, the standard makes the C programmer responsible for
ensuring those conditions never arise in the first place.
Empirically speaking, we’re not very good at that. The 1988 Morris
virus had various ways to break into new machines, one of which
entailed tricking a server into executing an elaboration on the tech‐
Type Safety | 3
剩余61页未读,继续阅读
一一叶
- 粉丝: 1
- 资源: 27
我的内容管理
展开
最新资源
- 计算机人脸表情动画技术发展综述
- 关系数据库的关键字搜索技术综述:模型、架构与未来趋势
- 迭代自适应逆滤波在语音情感识别中的应用
- 概念知识树在旅游领域智能分析中的应用
- 构建is-a层次与OWL本体集成:理论与算法
- 基于语义元的相似度计算方法研究:改进与有效性验证
- 网格梯度多密度聚类算法:去噪与高效聚类
- 网格服务工作流动态调度算法PGSWA研究
- 突发事件连锁反应网络模型与应急预警分析
- BA网络上的病毒营销与网站推广仿真研究
- 离散HSMM故障预测模型:有效提升系统状态预测
- 煤矿安全评价:信息融合与可拓理论的应用
- 多维度Petri网工作流模型MD_WFN:统一建模与应用研究
- 面向过程追踪的知识安全描述方法
- 基于收益的软件过程资源调度优化策略
- 多核环境下基于数据流Java的Web服务器优化实现提升性能
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
