Hacker News new | ask | show | jobs
by pjc50 33 days ago
UB based on input can be an exploit vector.
1 comments
layer8 33 days ago
Unvalidated input can always be an exploit vector.
link
Ygg2 33 days ago
Except in C, validation of user input can in itself be an exploit vector.
link
layer8 33 days ago
That’s true in other languages as well. Any programmatic task can end up being an exploit vector.
link
pjc50 33 days ago
No? That's the whole point of formal verification?

You can even kind of retrofit this to C. The classic example is "sel4". You just need a set of proofs that the code doesn't trigger UB. This ends up being much larger and more complicated than the C itself.

link
rocketrascal 33 days ago
You can fail to verify something which you actually wanted to verify (i.e you made a proof of something else instead of the thing that mattered). See WPA2 KRACK as an example.
link
Ygg2 33 days ago
Yeah, but only in C* can those errors end up as more UB.

* terms and limits may apply.

link
eru 32 days ago
Many other languages also have UB. But almost none is as trigger happy as C and C++ are.
link
greybeard69 33 days ago
Turtles all the way down.
link