Forum - MCS Electronics

 
FAQFAQ SearchSearch RegisterRegister Log inLog in

Memory Safe Programming

 
Post new topic   Reply to topic    www.mcselec.com Forum Index -> Various
View previous topic :: View next topic  
Author Message
oi18ct

Bascom Member



Joined: 08 Mar 2022
Posts: 22
Location: North Branch, Minnesota
usa.gif
PostPosted: Thu Feb 29, 2024 6:12 pm    Post subject: Memory Safe Programming Reply with quote
I thought the forum might find this interesting:
https://www.tomshardware.com/software/security-software/white-house-urges-developers-to-avoid-c-and-c-use-memory-safe-programming-languages

but I question if any coding can be 'memory safe' or if this is just people latching on to buzz words and impractical concepts

(BASCOM-AVR version : 2.0.8.6 , Latest : 2.0.8.6 )
_________________
Lee
Back to top
View user's profile Visit poster's website
albertsm

Administrator



Joined: 09 Apr 2004
Posts: 5922
Location: Holland
blank.gif
PostPosted: Fri Mar 01, 2024 10:54 am    Post subject: Reply with quote
of course it is possible to have safe memory coding.
when you use POKE, OUT you need to take care that you ensure the address is correct. that is relatively simple.
when you have the concept of pointers, and pointers to pointers it is more easy to have a buffer/memory overrun.
especial when you have no error checking or not enough error checking.
but even with safe code like
dim b as byte
b=10

and somewhere else you also write to b because of a logic or coding error, the variable is overwritten. of course this fault can not be exploited. code injection is often used to abuse flaws.

of course the list is about C/C++. all OS like windows, linux, are written in C/C++ and partial asm. and thus there are many potential flaws. in a normal good world that would not matter much. but in reality the world is not good everywhere especial when they have a dictator in control.
(state) hackers try to find these leaks to exploit them for good or worse.
why some countries have a connection to the internet is curious to me. i would shut down countries that have high hack attempts. the government of each country should make sure that there are no cross border attacks.
The dependency nowadays of the internet is worrying. a net not build for this purpose with lot of crappy IP hardware/software is asking for problems. but people are ignorant until it is too late.
so do not worry to much about these C memory coding flaws. better check how dependent you are on IP and how your provider handles things.
The cloud is also something to avoid. if you use it, make sure to have multiple clouds and spread risks.
And encode all data so it can not be read by governments. seems everywhere around the world the government like to read a long. and besides that Micro$oft , Google and the like also like to read so they can sell more advertisements.

if you want to make rock solid code you need many error checks. and then again, when it runs on an OS you must hope that it was created with rock solid code as well.
just my personal opinion Very Happy
_________________
Mark
Back to top
View user's profile Visit poster's website
oi18ct

Bascom Member



Joined: 08 Mar 2022
Posts: 22
Location: North Branch, Minnesota
usa.gif
PostPosted: Mon Mar 04, 2024 6:40 pm    Post subject: Reply with quote
I knew Mark would have an interesting take on this!
_________________
Lee
Back to top
View user's profile Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    www.mcselec.com Forum Index -> Various All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum



Back to Main page