[55450] in North American Network Operators' Group
Re: Bell Labs or Microsoft security?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Wed Jan 29 12:41:15 2003
Date: Wed, 29 Jan 2003 12:36:22 -0500
From: Richard A Steenbergen <ras@e-gerbil.net>
To: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0301291719540.12776-100000@www.everquick.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Jan 29, 2003 at 05:26:06PM +0000, E.B. Dreger wrote:
>
> If you check before each byte. Checking for sufficient space
> first ("is there room for a 245-byte string?") is much faster.
> Besides, looking at all the bloated code using indirect function
> calls[*] and crappy code using poor algorithms... is speed really
> a concern?
>
> [*] Try profiling indirect function calls on x86, especially
> newer cores. Such instructions carry a stiff penalty... but
> there's no shortage of virtual functions in certain software.
> (Think: OWL and MFC libraries.)
Note I'm making a distinction between fixing the string libraries to
handle overflow situations better, and changing the entire OS to do array
bounds checking. One is good, the other is not.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
