[7347] in bugtraq
Re: Bounds checking - historical aside
daemon@ATHENA.MIT.EDU (Brett Glass)
Wed Jul 22 14:38:30 1998
Date: Tue, 21 Jul 1998 13:15:49 -0600
Reply-To: Brett Glass <brett@LARIAT.ORG>
From: Brett Glass <brett@LARIAT.ORG>
X-To: r.fulton@AUCKLAND.AC.NZ
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <SIMEON.9807211442.T11372@bluebottle.itss>
At 02:18 PM 7/21/98 +1200, Russell Fulton wrote:
>I will add another:
>
> 4) Use hardware that supports bounds checking.
>
>OK This isn't an option for most of us since most HW architectures that
>we are currently stuck with don't implement bounds checking.
Perhaps you're not aware of it, but the x86 architecture does
implement bounds checking. It even has a built-in BOUND instruction to
do it! And... guess what? Most programmers don't know it exists.
The x86 also has segmentation, which keeps pointers from going out
of range. Unfortunately, OS implementors routinely turn segmentation OFF,
perpetuating all of the many problems. We must insist that they stop doing
this. Current CPUs are more than fast enough to handle the overhead.
--Brett
