Re: nested functions

Karsten Nyblad <148f3wg02@sneakemail.com>
8 Sep 2006 00:25:18 -0400

          From comp.compilers

From: Karsten Nyblad <148f3wg02@sneakemail.com>
Newsgroups: comp.compilers
Date: 8 Sep 2006 00:25:18 -0400
Organization: Compilers Central
References: 06-08-140 06-08-144 06-09-008 06-09-009
Keywords: code
Posted-Date: 08 Sep 2006 00:25:18 EDT

Tommy Thorn wrote:
> Trampolines may in fact be the best choice if you expect most
> functions passed by argument to *not* have a local environment (such
> as global "outer" functions). The obvious alternative is to pass a
> pointer to a structure which includes the local environment [pointer]
> as well as a pointer to the function. This is better if the opposite
> is true.


Before choosing trampolines you also need to consider security; e.g., if
you want to implement web services, trampolines may be unacceptable.
Trampolines in the GCC implementation are implemented by generating code
at runtime and locating it on the stack. This means that the program
must execute from user writable store.


One of the most dangerous forms of hacking attack is the buffer
overrun attack, where the hacker sends code to the web service under
attack and fools the service into executing it. The code is stored in
and executed from user writable store. Modern hardware including modern
x86 hardware can check that code is fetched from store marked for
storing code. Of course the operating systems (including newer versions
of Linux and Windows) by default do not allow executing code stored in
user writable areas.


You will have to disable such hardware checks if you want to use GCC's
trampolines, but that is unacceptable for security reasons.


Karsten Nyblad
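
The alternative mentioned in the quoted text (a structure holding a pointer to the function and a pointer to its local environment), written out as an added example that is not part of the original post. The names `closure`, `scale_env`, `scale`, `sum_map` and `scaled_sum` are hypothetical; only data is written to the stack, so no code is generated at run time and the stack can stay non-executable.

```c
#include <stddef.h>

/* Explicit closure: code pointer plus environment pointer, passed as data. */
struct closure {
    long (*fn)(void *env, long x);  /* ordinary function, lives in .text */
    void *env;                      /* captured variables, data only */
};

/* Environment of the "nested" function: the enclosing function's locals. */
struct scale_env {
    long factor;
    long calls;
};

/* Lifted body of what would be a nested function in GNU C. */
static long scale(void *env, long x)
{
    struct scale_env *e = env;
    e->calls++;
    return x * e->factor;
}

/* Higher-order consumer: receives the closure, never a bare pointer
   to code that was written onto the stack. */
static long sum_map(const struct closure *c, const long *v, size_t n)
{
    long total = 0;
    for (size_t i = 0; i < n; i++)
        total += c->fn(c->env, v[i]);
    return total;
}

/* Enclosing function: builds the environment in its own stack frame. */
long scaled_sum(long factor, const long *v, size_t n, long *calls_out)
{
    struct scale_env env = { factor, 0 };
    struct closure c = { scale, &env };
    long total = sum_map(&c, v, n);
    if (calls_out)
        *calls_out = env.calls;   /* mutation of captured state is visible */
    return total;
}

int main(void)
{
    const long v[] = { 1, 2, 3, 4 };   /* constructed sample input */
    long calls = 0;
    return (scaled_sum(3, v, 4, &calls) == 30 && calls == 4) ? 0 : 1;
}
```

GCC's `-Wtrampolines` option warns when a trampoline is generated, and `readelf -lW` on the linked binary shows whether the `GNU_STACK` segment is flagged executable (`RWE`).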


