Re: More Browser on Macosx flaws: nested array sort() loop Stack overflow exception
From: Valdis.Kletnieks at vt.edu
Date: Thu Dec 02 2004 - 13:46:06 CST
On Fri, 26 Nov 2004 18:56:01 +0200, Alex R said:
> Anyone know why so many browsers are affected?
Well... let's look at it..
> <SCRIPT> a = new Array(); while (1) { (a = new
> Array(a)).sort(); } </SCRIPT>
That's the moral equivalent of:
main() { while (1) {malloc(lots);} }
and it's *tricky* to actually trap this one correctly. The problem is
that when you do the new() that overflows the stack, you can probably
catch the error - but then you get to try to clean up the mess without
making any more function calls that grow the stack and/or malloc more.
Now consider that C++ seems to be the popular language for doing browsers -
and C++ has these things called constructors and destructors.... ;)
(Of course, the *other* possibility is to roll the stack back by hand to some
reasonable recovery point. This is fun enough in C ('man longjmp' ;), and another
ugly mess for C++)....
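As an added illustration of the recovery approach the post mentions (rolling the stack back by hand with longjmp to a known-good point, then cleaning up without growing the stack), not code from the post, from Alex R's test case, or from any browser engine: a toy model of the nested-array sort. The `Node` type, the `MAX_DEPTH` threshold and all function names are assumptions chosen for this example; real engines count depth differently.

```c
#include <setjmp.h>
#include <stdlib.h>
#include <stdio.h>

/* Hypothetical model of the nested array from the quoted script:
 * each level wraps the previous one, down to a single leaf value. */
typedef struct Node {
    struct Node *inner;
    int value;
} Node;

/* Recovery threshold chosen for illustration only. */
#define MAX_DEPTH 1000

/* The "reasonable recovery point" the post talks about. */
static jmp_buf recover;

/* Free iteratively: cleanup after a bail-out must not recurse,
 * because the stack may already be close to exhausted. */
void free_nested(Node *n) {
    while (n) {
        Node *next = n->inner;
        free(n);
        n = next;
    }
}

/* Build `depth` wrappers around one leaf. Iterative, so building never recurses. */
Node *build_nested(size_t depth, int leaf) {
    Node *n = malloc(sizeof *n);
    if (!n) return NULL;
    n->inner = NULL;
    n->value = leaf;
    for (size_t i = 0; i < depth; i++) {
        Node *outer = malloc(sizeof *outer);
        if (!outer) { free_nested(n); return NULL; }
        outer->inner = n;
        outer->value = 0;
        n = outer;
    }
    return n;
}

/* Recursive "sort" that descends into the nested array, like sort() on
 * Array(a). Instead of letting the recursion run the stack out, it unwinds
 * to the recovery point once the depth guard trips. */
static int nested_sort(const Node *n, size_t depth) {
    if (depth > MAX_DEPTH) longjmp(recover, 1);
    if (!n->inner) return n->value;          /* leaf: nothing left to sort */
    return nested_sort(n->inner, depth + 1);
}

/* Returns the leaf value on success, -1 if the depth guard fired,
 * -2 if allocation failed. Memory is released on every path. */
int sort_with_recovery(size_t depth) {
    Node *root = build_nested(depth, 42);   /* constructed sample input */
    if (!root) return -2;
    volatile int result;
    if (setjmp(recover) == 0) {
        result = nested_sort(root, 0);
    } else {
        result = -1;   /* stack rolled back to here; root is still valid */
    }
    free_nested(root);
    return result;
}

int main(void) {
    printf("depth 10:   %d\n", sort_with_recovery(10));    /* 42 */
    printf("depth 5000: %d\n", sort_with_recovery(5000));  /* -1, recovered */
    return 0;
}
```

The two properties worth noting are exactly the ones the post flags as hard: nothing that runs after the `longjmp` recurses or allocates, and every pointer the recovery path needs was set before `setjmp` and not touched afterwards (hence `volatile` on the one local that is). In C++ the same pattern is unsafe because `longjmp` skips destructors; a depth counter checked before each recursive descent, with an ordinary error return, is the portable alternative.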