
What are you talking about? Dereferencing invalid memory is a security bug.



Not necessarily.


In what cases is it not?


In the referenced case the introduced error involved a reference to a null pointer but there was still no exploitable security hole. The exploit was enabled when the compiler removed an explicit check. The null dereference was an error, but it was not a security issue on its own.


Why didn't the kernel panic when it tried to access NULL?


Why is a compiler writer attempting to legislate the kernel address space?


Give me a break. The kernel developers know C. They know what "undefined behavior" means.
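The pattern discussed in this thread (a null dereference followed by an explicit check that the compiler removes), shown beside the corrected ordering. This is an added example, not part of the thread and not taken from any kernel source; `struct device` and both function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical structure for illustration only. */
struct device {
    int flags;
};

/*
 * Flawed ordering: dev is dereferenced before it is checked.
 * Dereferencing a null pointer is undefined behavior in C, so an
 * optimizing compiler may assume dev != NULL after the first
 * statement and delete the check below as dead code.
 * Do not call this with NULL.
 */
int poll_flags_unchecked(struct device *dev)
{
    int flags = dev->flags;   /* dereference happens first */
    if (dev == NULL)          /* may be optimized away */
        return -1;
    return flags;
}

/*
 * Corrected ordering: the check comes before every dereference,
 * so the compiler has no basis for removing it.
 */
int poll_flags_checked(struct device *dev)
{
    if (dev == NULL)
        return -1;
    return dev->flags;
}

int main(void)
{
    struct device d = { .flags = 0x5 };   /* constructed sample value */

    printf("checked(NULL) = %d\n", poll_flags_checked(NULL));
    printf("checked(&d)   = %d\n", poll_flags_checked(&d));
    printf("unchecked(&d) = %d\n", poll_flags_unchecked(&d));
    return 0;
}
```

Comparing the assembly for `poll_flags_unchecked` at `-O0` and `-O2` shows whether the check survived. GCC's `-fno-delete-null-pointer-checks` turns this particular optimization off.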



