This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: Buffer Overflow Attacks
- To: carlo at alinoe dot com, fp at fpx dot de
- Subject: Re: Buffer Overflow Attacks
- From: dewar at gnat dot com
- Date: Sun, 14 Oct 2001 11:01:03 -0400 (EDT)
- Cc: gcc at gcc dot gnu dot org
<<Because of this, complete new languages have been designed (Java and C#),
which - as a result of that - are considerably slower. I don't think that
>>
This is misleading, Ada has shown for a long time that bounds checking need
not be that expensive. The performance of Java is not substantially due to
this feature at all. The obvious approach in a compiler to prevent this
kind of error is to generate appropriate runtime checks, and it is by
no means impossible to do this kind of code generation for C (indeed
it can be done already by some C translators). Yes there is overhead, but
probably not significantly more than would occur for the schemes discussed
here (e.g. separated data and control stacks).