by IshKebab
242 days ago
> If pointers and integers can be freely converted to each other

You can only freely convert integers to pointers with "exposed provenance" in Rust which is currently unstable.

https://doc.rust-lang.org/std/ptr/index.html#exposed-provena...

I find the idea of provenance a bit abstract so it's a lot easier to think about a concrete pointer system that has "real" provenance: CHERI. In CHERI all pointers are capabilities with a "valid" tag bit (it's out-of-band so you can't just set it to 1 arbitrarily). As soon as you start doing raw bit manipulation of the address the tag is cleared and then it can no longer be used as a pointer. So this problem doesn't exist on CHERI.

Also the problem of mistaking integers for pointers when scanning doesn't exist either - you can instead just search for memory where the tag bit is set.
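The tag behaviour described in the comment above, as an added example that is not part of the original post: a simplified toy model of tagged memory, not real CHERI semantics. The type and function names (`Cap`, `TaggedMem`, `demo`) and the heap range 0x1000..0x2000 are hypothetical and constructed for illustration.

```rust
// Toy model of CHERI-style tagged memory (added example; simplified, not real CHERI).
// Each word has an out-of-band tag that only a capability store can set.
#[derive(Clone, Copy)]
struct Cap { addr: u64, tag: bool }

struct TaggedMem { words: Vec<u64>, tags: Vec<bool> }

impl TaggedMem {
    fn new(n: usize) -> Self { TaggedMem { words: vec![0; n], tags: vec![false; n] } }

    // Capability store: the tag travels with the value.
    fn store_cap(&mut self, i: usize, c: Cap) { self.words[i] = c.addr; self.tags[i] = c.tag; }

    // Plain data store: always clears the tag, whatever bits are written.
    fn store_int(&mut self, i: usize, v: u64) { self.words[i] = v; self.tags[i] = false; }

    fn load_cap(&self, i: usize) -> Cap { Cap { addr: self.words[i], tag: self.tags[i] } }

    // Precise scan: only words whose tag is set are pointers.
    fn scan_tagged(&self) -> Vec<usize> {
        (0..self.words.len()).filter(|&i| self.tags[i]).collect()
    }

    // Conservative scan: anything whose bits fall in the heap range counts.
    fn scan_conservative(&self, lo: u64, hi: u64) -> Vec<usize> {
        (0..self.words.len()).filter(|&i| (lo..hi).contains(&self.words[i])).collect()
    }
}

// Constructed scenario: assumed heap range 0x1000..0x2000.
fn demo() -> (Vec<usize>, Vec<usize>, bool) {
    let mut m = TaggedMem::new(4);
    m.store_cap(0, Cap { addr: 0x1000, tag: true }); // real pointer
    m.store_int(1, 0x1008);                          // integer that looks like one
    m.store_cap(2, Cap { addr: 0x1010, tag: true });
    // Raw bit manipulation: read the address as an integer, tweak it, write it back.
    let raw = m.load_cap(2).addr ^ 0x1;
    m.store_int(2, raw);
    let usable = m.load_cap(2).tag; // tag was cleared by the integer store
    (m.scan_tagged(), m.scan_conservative(0x1000, 0x2000), usable)
}

fn main() {
    let (tagged, conservative, usable) = demo();
    println!("tagged={:?} conservative={:?} usable={}", tagged, conservative, usable);
}
```

The tag scan reports only slot 0, while the conservative scan also reports the look-alike integer in slot 1 and the manipulated value in slot 2.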