How does this work??
3 hours ago, Gat Pelsinger said:
Wait, it's that insecure? I am advancing the pointer by 90, and basically overwriting some other program's memory? Or is Windows's layer protecting me from doing so but it still executes fine?
These days, yes.
Ever since the 80386, programs generally run in "protected mode". Every program gets its own virtual address space. So the pointer you get does not refer to any physical location in memory, but some location in your program's virtual address space. The operating system takes care of mapping that to a physical location, either in RAM or in swap. Which means you can't really interfere with memory owned by another program (but you can interfere with your own).
But if you're running outside protected mode (called "real mode") then yes, you can effectively use a pointer to access any arbitrary memory region. Writing there could lead to anything from your program crashing, to the OS crashing, to all manner of fun corruption. Which is why on a modern system typically only the kernel itself runs in that mode.
You have to keep in mind that C is a low level language. It's not quite on the same level as assembler/machine code, but pretty close to it. You're effectively telling the CPU what to do, writing values into registers, incrementing them, reading and writing from memory. So no one "programmed" pointers to be this way, this is simply how memory access works on a CPU.
Most higher level languages take things a step further. For example if you create an array list in Java and then try to access a value out of bounds, you'll be quickly met with an exception. But these types of checks aren't free. Basically any time you call a method, it will have to run some form of "if value > limit" check. While that's not a big issue on a modern CPU, it will take some CPU cycles to do that check. So in a tight loop you may be running millions of (potentially unnecessary) checks.
If you're programming in C, these checks simply aren't there, unless you include them yourself. This means you get the maximum possible speed, but you also have to pay much more attention that you're doing things correctly. It's up to you to ensure your program doesn't do things it's not supposed to. As the saying goes: With great power comes great responsibility.
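The "if value > limit" check the reply talks about, written out by hand in C. This is an added example and not code from either poster in this thread; the array `sample`, the accessor functions `checked_read` and `checked_write`, and the `strided_sum` walk are all constructed here for illustration. The point it shows is that `sample[90]` compiles without complaint on a ten-element array, so the only thing standing between the program and an out-of-bounds access is a check the programmer adds.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define SAMPLE_LEN 10

/* Constructed sample data: a small array standing in for the buffer
 * the original poster was stepping through with a pointer. */
int sample[SAMPLE_LEN] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9};

/* C will happily compile `sample[90]` or `*(p + 90)`; the CPU simply forms
 * the address and accesses it. These accessors add the "idx < limit" test
 * that languages like Java perform for you, so an out-of-range index is
 * refused instead of touching whatever lives at that address. */
bool checked_read(const int *arr, size_t len, size_t idx, int *out)
{
    if (arr == NULL || out == NULL || idx >= len) {
        return false;            /* refuse rather than read past the end */
    }
    *out = arr[idx];
    return true;
}

bool checked_write(int *arr, size_t len, size_t idx, int value)
{
    if (arr == NULL || idx >= len) {
        return false;            /* refuse rather than write past the end */
    }
    arr[idx] = value;
    return true;
}

/* Walk the array with a stride, the way a pointer-advancing loop would,
 * but stop at the boundary. Returns how many elements were actually
 * visited, so the caller can tell whether the walk was cut short. */
size_t strided_sum(const int *arr, size_t len, size_t stride, long *sum)
{
    size_t visited = 0;
    size_t i = 0;
    int v;

    *sum = 0;
    if (stride == 0) {
        return 0;
    }
    while (checked_read(arr, len, i, &v)) {
        *sum += v;
        visited++;
        if (stride > len - i) {  /* next step would leave the array */
            break;
        }
        i += stride;             /* cannot overflow: i + stride <= len */
    }
    return visited;
}

int main(void)
{
    int v = 0;
    long total = 0;
    size_t n;

    if (checked_read(sample, SAMPLE_LEN, 3, &v)) {
        printf("sample[3] = %d\n", v);
    }
    if (!checked_read(sample, SAMPLE_LEN, 90, &v)) {
        printf("index 90 refused: the array only has %d elements\n", SAMPLE_LEN);
    }
    n = strided_sum(sample, SAMPLE_LEN, 3, &total);
    printf("stride 3 visited %zu elements, sum %ld\n", n, total);
    return 0;
}
```

Each call to `checked_read` costs one compare-and-branch, which is exactly the overhead the reply describes; in a tight loop that is the price of never forming an address outside the array.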