comp.lang.ada
From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Ada equivalent for C-pointer?
Date: Mon, 17 Jan 2005 15:35:38 -0600
Message-ID: <Y5WdnUnMvKCgsnHcRVn-ug@megapath.net>
In-Reply-To: gemini.iad826000p84p02bc.nick.roberts@acm.org

"Nick Roberts" <nick.roberts@acm.org> wrote in message
news:gemini.iad826000p84p02bc.nick.roberts@acm.org...
...
> In what is called the 'flat' 32-bit memory model, a far pointer is the same
> as near pointer (a 32-bit absolute offset, on its own). Since 32-bit Windows
> (and indeed 32-bit Linux) only uses the flat memory model, this mode
> appertains mandatorily.
>
> However, in 32-bit segmented mode, a far pointer comprises a 32-bit offset
> plus a 16-bit segment selector. These are stored in memory in a format which
> is 64 bits in size (16 bits are wasted).
>
> I understand there are some C compilers which support 32-bit segmented mode
> compilation (e.g. WATCOM), but GCC never has and probably never will.

Janus/Ada supports that on DOS extenders (although System.Address is a
48-bit type, not 64 -- alignment might cause the other 16 bits to be wasted,
but it is certainly not part of the type). It used to support that on
Windows as well (by default, really), but it caused too much trouble with
use of 'Address. DOS Extenders these days are mostly used in embedded
systems (they're not really DOS extenders, but rather a very small embedded
OS).

For DOS Extenders, Janus/Ada separates the code and data segments, so that
errant programs can't write the code segment or execute the data segment.
That seems like a basic and trivial precaution to me; most of the security
exploits couldn't have happened if Windows and Unix had done that. (Sure,
there are occasional legitimate uses for executing code written by the
program; but that is an exceptional case, and should be treated that way.)

> The distinction may seem pointless (sorry :-) to most people, but it matters
> to me (because it will matter to AdaOS ;-)
>
> To clarify, when we are talking about near and far pointers, we are
> specifically talking about the 32-bit Intel Architecture (IA-32). I'm not
> aware of any other contemporary architecture supporting a superimposed
> segmentation scheme.

Right, which is probably why it hasn't been used in other systems. But
virtually every system has a way to mark pages as read-only and no-execute,
and it's silly that that wasn't used to protect programs and system.

                               Randy.






