> Multics code was not immune to buffer overflows, but in most cases
> the effect was blunted because the out-of-range index values could
> only affect data beyond the current activation record--in contrast
> with most linear addressing systems where an overflow is almost
> always able to reach important values like the return address.

This is only because the libraries used store later characters in a
string at higher addresses (as compared to earlier characters).  If the
string libraries stored strings the other way around (with the earlier
characters at the higher addresses), downward-growing stacks would have
exactly this kind of buffer overrun protection.

Hmm, I wonder if there's something useful lurking there.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               [EMAIL PROTECTED]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
Secure Coding mailing list (SC-L)
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php

Reply via email to