Re: ncurses 4.1 security bug

From: Ben Laurie (benat_private)
Date: Sat Jul 11 1998 - 12:33:28 PDT

Next message: David Schwartz: "Re: ncurses 4.1 security bug"

Previous message: Ben Laurie: "Re: ncurses 4.1 security bug"
Maybe in reply to: Duncan Simpson: "ncurses 4.1 security bug"
Next in thread: David Schwartz: "Re: ncurses 4.1 security bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Schwartz wrote:
>
> > Why is C++ bashing so popular? Why can't people get it right? According
> > to Stroustrup, The C++ Programming Language, 3rd ed., section 9.4.1
> > Initialization of Nonlocal Variables, p.218 (in the 3rd printing):
> >
> > "Note that variables initialized by constant expressions cannot depend
> > on the value of objects from other translation units and do not[1]
> > require run-time initialization. Such variables are therefore safe to
> > use in all cases."
> >
> > [1] The word "not" was missing until the 6th printing (see the errata).
>
>         I believe this is a false statement and that the code I posted to bugtraq
> before constitutes a counter-example. Consider the following variable
> initialized by a constant expression:
>
>         MyString Foo("test");
>
>         'Foo' is a variable. '"test"' is a constant expression.

I think this is where you part from Stroustrup (and where I may have
misunderstood you). '"test"' is indeed a constant expression, but 'Foo'
is not initialized from it: the constructor is called with it, so, the
above statement does not apply to Foo. However, it does apply to
MyString::StringCount.

> Now, Stroustrup
> claims that this "cannot depend on the value of objects from other
> translation units." Consider the following object from another translation
> unit:
>
>         int MyString::StringCount=0;
>
>         And consider the following constructor:
>
>         MyString(const char *)
>         {
>          StringCount++;
>          ....
>         };
>
>         Now, here you see that a variable initialized by a constant expression CAN
> depend on the value of objects from other translation units. So either we
> are both misunderstanding Stroustrup or he is incorrect.

OK, you've misunderstood Stroustrup (IMO), and I've misunderstood you. I
agree that you can't know the value of StringCount when Foo is
initialised (because you don't know how many other MyStrings may have
been initialised), but you can know that StringCount will have been
zeroed before any MyStrings were initialised. So now I'm left wondering
what point you are actually trying to make (other than that we don't
know what order global contructors are initialised in)?

Cheers,

Ben.

--
Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: benat_private |
A.L. Digital Ltd,     |Apache-SSL author     http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache/

WE'RE RECRUITING! http://www.aldigital.co.uk/recruit/

Next message: David Schwartz: "Re: ncurses 4.1 security bug"
Previous message: Ben Laurie: "Re: ncurses 4.1 security bug"
Maybe in reply to: Duncan Simpson: "ncurses 4.1 security bug"
Next in thread: David Schwartz: "Re: ncurses 4.1 security bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:21 PDT