Date: Tue, 27 Feb 2024 18:46:58 -0500
It has been done before. AppVerifier on Windows has options that allow you
to isolate pages with guard pages.
https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags-and-pageheap
On Tue, Feb 27, 2024, 6:20 PM Robin Rowe via SG14 <sg14_at_[hidden]>
wrote:
>
> https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
>
> Memory safety concerns seem focused on the undefined behavior of
> pointers on buffer overruns and out-of-bounds memory accesses. However,
> not all memory is equally unsafe. Unintended access to memory that
> contains a password or an exec() command is much more valuable to
> hackers. Hacking of passwords is of particular concern for financial
> systems.
>
> C/C++ programs use stack, heap or static memory to hold data. Any of
> these can be overrun. I am experimenting with code to add a fourth
> category, page memory. That is, allocation creates a memory region that
> cannot be overrun into or out of because it is an isolated protected
> page in memory. The default behavior for an overrun is a segfault.
>
> Is this a good or bad idea? Been done before? Thoughts?
>
> Robin Rowe
> Beverly Hills, California
> *Chairman ISO WG21 SG14 C++ Banking and Financial Systems Subcommittee
> _______________________________________________
> SG14 mailing list
> SG14_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/sg14
>
to isolate pages with guard pages.
https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags-and-pageheap
On Tue, Feb 27, 2024, 6:20 PM Robin Rowe via SG14 <sg14_at_[hidden]>
wrote:
>
> https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
>
> Memory safety concerns seem focused on the undefined behavior of
> pointers on buffer overruns and out-of-bounds memory accesses. However,
> not all memory is equally unsafe. Unintended access to memory that
> contains a password or an exec() command is much more valuable to
> hackers. Hacking of passwords is of particular concern for financial
> systems.
>
> C/C++ programs use stack, heap or static memory to hold data. Any of
> these can be overrun. I am experimenting with code to add a fourth
> category, page memory. That is, allocation creates a memory region that
> cannot be overrun into or out of because it is an isolated protected
> page in memory. The default behavior for an overrun is a segfault.
>
> Is this a good or bad idea? Been done before? Thoughts?
>
> Robin Rowe
> Beverly Hills, California
> *Chairman ISO WG21 SG14 C++ Banking and Financial Systems Subcommittee
> _______________________________________________
> SG14 mailing list
> SG14_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/sg14
>
Received on 2024-02-27 23:47:12