Buffer Overflow Protection
The last and maybe most important point to note about descriptors is how they affect the complementary notions of system security and program correctness. One of the best tools a hacker has to compromise operating systems of today is the buffer overflow. This is particularly easily done in C and with a little more effort in assemblers. C, in particular, uses the most primitive and error-prone way to mark the end of strings, using a null byte as an end-of-string sentinel in the data stream itself.
Pointers are implemented on the B5000 by indexed descriptors. During indexing operations, pointers are checked at each increment to make sure that neither the source nor the destination blocks are out of bound. During a scan or replace operation, the mechanisms used to read or copy large blocks of memory, both source and destination are checked at each word increment for a valid memory tag. Each memory segment is bounded by tag 3 words, which would make such an operation fail. Each memory segment containing integrity sensitive data, such as program code, is stored in tag 3 words, making an uncontrolled read – let alone modification – impossible. Thus a significant source of program errors can be detected early before software goes into production, and a more significant class of attacks on system security is not possible.
Read more about this topic: Burroughs Large Systems Descriptors
Famous quotes containing the words overflow and/or protection:
“All good poetry is the spontaneous overflow of powerful feelings: it takes its origin from emotion recollected in tranquillity.”
—William Wordsworth (1770–1850)
“A strong egoism is a protection against disease, but in the last resort we must begin to love in order that we may not fall ill, and must fall ill if, in consequence of frustration, we cannot love.”
—Sigmund Freud (1856–1939)