vmsplice(): the making of a local root exploit
Posted Feb 15, 2008 6:54 UTC (Fri) by JoeF
In reply to: vmsplice(): the making of a local root exploit
Parent article: vmsplice(): the making of a local root exploit
Using ">> 9" is essentially a comment saying "I'm converting this to a 512-byte sector count".
No. It only says that you shift a value by 9 bits to the right.
It may say to you that you are converting a value to a 512-byte sector count. It does not necessarily say that to others.
It's such a fundamentally basic operation that anyone working with filesystem or disk code
would understand it immediately.
That mindset is what results in a lot of the flaws in all kinds of code. There will always be somebody working on the code for whom it isn't obvious. I venture that if you can't see that, you must still be in your first job and haven't yet had the task to maintain somebody else's code. I can tell you from (painful) experience that this kind of stuff is among the worst stuff out there.
">>9" makes implicit assumptions, and implicit assumptions, even if they may seem reasonable to the original author, are often not obvious to maintainers, possibly years down the road.
Oh, and just in case, I am writing filesystem code. I would never even get the idea to write something like ">>9" without a comment, or better, in a macro.
to post comments)