[RPL/2] RPL/2-4.00pre7n
BERTRAND Joël
joel.bertrand at systella.fr
Mon 25 Oct 11:39:59 CEST 2004
On Mon, Oct 25, 2004 at 03:43:54AM -0400, Stuart Moore wrote:
> Joel,
>
> Hi.
>
> > It catches stack overflows (mainly due to recursion).
>
> Do these overflows have a security impact?
>
> Is there a security impact?
No, Stuart, there is no security impact. It's only a cosmetic patch
to allow the sequencer to close (and delete) all temporary files
when a segfault occurs, or to avoid segfault if it is possible.
Example:
+++do 1 until false end
If you enter a ctrl+C to return to the sequencer, with an old
release, you can obtain a segmentation fault due to a stack
overflow (the function that displays the stack is a recursive
function). In this case, the sequencer does not display all elements
in the stack and does not crash.
The same result can be obtained with something like this:
#!/usr/apps/bin/rpl -c
ROTONDITE
<<
6375000 // metres
10000 // metres
1.33 // correction
-> R D K
<<
1
2 R K * *
7 D sq * 8 R K * * / + neg
'X' sq 3 D 3 ** * 16 R sq K sq * * / 'X' * +
-> A B C
<<
B sq 4 A C * * - dup disp
-> D
<<
B neg D sqrt - 2 A * / steq
'X' 0 D 3 ->list indep // problem
{ X Y } autoscale
10 res
EQ disp
draw // segfault!
drax persist
>>
>>
>>
>>
due to the recursion X=f(D) and D=g(X)! In this case, there is a
bug in my source file (two 'D' variables, the first masked by the
second that contains a X function), and the sequencer hangs with a
regular error message and not with a segfault.
The limit of the size of the stack is a limit given by the C
compiler (gcc on i386 uses an 8MB stack). Thus, the sequencer waits
for a stack overflow, uses another stack for POSIX signals, and sees
if it can catch this overflow.
Regards,
JKB
More information about the RPL2 mailing list
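The mechanism described at the end of the message (an alternate stack for POSIX signals so that a recursion-driven stack overflow can be caught and temporary files removed before the process dies), as an added C example that is not RPL/2 code and not part of this message. The recursion, the handler, the `demo_catch_overflow` function and the temp-file name are constructed for the demonstration, and recovering with siglongjmp from a SIGSEGV handler assumes Linux/glibc behaviour.

```c
/* Added demonstration, not RPL/2 source: catch a recursion-driven stack
 * overflow on an alternate signal stack, remove a temp file, recover. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

static sigjmp_buf recover_point;
static char temp_path[] = "/tmp/rpl_demo_XXXXXX"; /* constructed name */
static volatile sig_atomic_t overflowed;
static char altstack[1 << 16];        /* 64 KiB: the "other stack" */

/* Runs on altstack (the normal stack is exhausted); async-signal-safe only. */
static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)si; (void)ctx;
    overflowed = 1;
    unlink(temp_path);            /* the cleanup the sequencer wants */
    siglongjmp(recover_point, 1); /* abandon the overflowed frames */
}

/* Unbounded recursion, like displaying a stack that never ends; pad
 * escapes through prev, so the compiler cannot flatten the frames. */
static size_t recurse(size_t depth, char *prev)
{
    char pad[256];
    memset(pad, (int)(depth & 0xff), sizeof pad);
    if (prev) *prev = pad[0];
    return recurse(depth + 1, pad) + (size_t)(unsigned char)pad[0];
}

/* Returns 1 if the overflow was caught and the temp file is gone. */
int demo_catch_overflow(void)
{
    stack_t ss; struct sigaction sa; int fd;
    memset(&ss, 0, sizeof ss);
    ss.ss_sp = altstack; ss.ss_size = sizeof altstack;
    if (sigaltstack(&ss, NULL) != 0) return 0;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO | SA_ONSTACK | SA_NODEFER;
    if (sigaction(SIGSEGV, &sa, NULL) != 0) return 0;
    fd = mkstemp(temp_path);      /* stands in for a sequencer temp file */
    if (fd < 0) return 0;
    close(fd);
    if (sigsetjmp(recover_point, 1) == 0)
        (void)recurse(0, NULL);   /* returns only via siglongjmp */
    return overflowed && access(temp_path, F_OK) != 0;
}
```

Without SA_ONSTACK the handler would itself need stack space that the overflow has already consumed, which is why the sequencer's patch needs the second stack at all.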