|
|
Subscribe / Log in / New account

Herb Sutter on increasing safety in C++

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 7:11 UTC (Wed) by LtWorf (subscriber, #124958)
In reply to: Herb Sutter on increasing safety in C++ by khim
Parent article: Herb Sutter on increasing safety in C++

Well it means a very well compressed stream of the same repeated byte can allocate much more memory than it's supposed to. Something around 9x more.

Do it from a few clients and and you got your memory full :)

Who wouldn't consider this a vulnerability?

to post comments

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 9:51 UTC (Wed) by khim (subscriber, #9252) [Link] (4 responses)

> Do it from a few clients and and you got your memory full :)

And then your process is killed and restarted. That's DoS attack, not a vulnerability.

> Who wouldn't consider this a vulnerability?

Most developers, I suspect. If the worst outcome is “your service doesn't respond because it's clogged with requests” then usually it's achievable without any vulnerability and said bug doesn't give you the ability to do more than that.

P.S. Actually I suspect under new rule kernel guys would give it a CVE because their goal is to ensure that no vulnerabilities would be unmarked, not to paint the whole world into black and write colors for the PHB to be happy, somehow. Compared to CVE-2023-52472 this is, indeed, serious vulnerability. But before CVE process was exposes as meaningless farce only Rust guys cared about stuff like that.

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 10:55 UTC (Wed) by cmeerw (guest, #555) [Link] (2 responses)

see CVE-2003-1564 (billion laughs attack)

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 11:06 UTC (Wed) by khim (subscriber, #9252) [Link] (1 responses)

Well… that's year 2003. Maybe in year 2045 Rust, too, would devolve to the state where we would need another new language for safety.

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 11:15 UTC (Wed) by cmeerw (guest, #555) [Link]

Yes, that's year 2003. Not sure what you are trying to say.

You were earlier claiming "only Rust guys cared about stuff like that" and "how many C/C++ developers do you know that would accept that as an actual vulnerability".

Looks like people care about stuff like that since at least 2003 - and there was quite a bit of publicity about that around that time. It even has it's own Wikipedia entry.

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 11:19 UTC (Wed) by LtWorf (subscriber, #124958) [Link]

If you had set a quota and the quota is ignored, it would take a very denialist person to say that it isn't a security bug.

From the other comments I think that you are not using rationality when talking about rust.

A full memory might easily mean degraded performances and swap, rather than a service being restarted (hoping that the OOMkiller picks the right process).

Herb Sutter on increasing safety in C++

Posted Mar 13, 2024 21:40 UTC (Wed) by dvdeug (guest, #10998) [Link]

Something around 9x as much? Something like a billion laughs would make for a qualitative change, but if a nine-fold expansion matters, then fixing it isn't changing any thing qualitatively. You can't handle a sudden 9 times boost in traffic, or a DDOS becomes somewhat easier. That's not a vulnerability; that's inefficiency.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds