If the calculated address is always the same then there is no TOCTTOU issue, but I still consider it bad form.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List [[email protected]] on behalf of Paul Gilmartin [[email protected]] Sent: Sunday, February 7, 2021 5:29 PM To: [email protected] Subject: Re: LINK vs LOAD/CALL On Sun, 7 Feb 2021 21:32:36 +0200, Binyamin Dissen wrote: >On Sun, 7 Feb 2021 19:04:16 +0000 "Gibney, Dave" wrote: > ... >:>Classic "bad" code >:>IF address = 0 >:> Determine and store address >:>End-if >:>Branch to address > Beware TOCTTOU! >I guess you can add the case where the value calculated will always calculate >to the exact same value, such as an address in the module or the value of a >name/token, where if it is not set, check if it exists and restore it. > The test must be performed on a value loaded in temporary storage or a register, and that value used if non-zero; else loop back and try again. (Once may not be enough. But limit the number of retries.) -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
