Re: [edk2] Common, pedantic, bug in embedded C. * (char *)0x00000000 = 1

Subject: Re: [edk2] Common, pedantic, bug in embedded C. * (char *)0x00000000 = 1

From: Andrew Fish <afish@apple.com>

To: edk2-devel@lists.sourceforge.net

Date: 2013-03-08 17:52:22


On Mar 8, 2013, at 8:52 AM, "Brian J. Johnson"  wrote:

> On 03/07/2013 08:12 PM, Mcdaniel, Daryl wrote:
>> ...
>> Another interesting bit of trivia about null pointers from the
>> ISO/IEC 9899:199409 C language specification (C95, 1995):
>> "A null pointer is guaranteed to compare unequal to a pointer to any
>> object or function."
>> 
>> "The C Programming Language", 1978, by Kernighan and Ritchie states:
>> "C guarantees that no pointer that validly points at data will
>> contain zero, so a return value of zero can be used to signal an
>> abnormal event."
>> 
>> This is only a problem if you attempt to create a pointer using
>> constants, such as (char *)0x00000000.  By definition, this is a NULL
>> pointer and cannot point at data.  But, any pointer that becomes zero
>> (NULL) during program operation can be dereferenced.  "Safe" systems
>> sometimes put a trapping instruction at 0x00000000 so that if someone
>> dereferences a NULL function pointer it will be trapped before things
>> disintegrate.  If the trapping instruction is read as data, it is a
>> known value that if seen during debug is an indication that you might
>> be dereferencing a null pointer.
> 
> We've implemented a similar "safety" check in our BIOS by modifying the 
> segment descriptors (in 32-bit mode) and the 1:1 page tables (in 64-bit 
> mode) to prohibit access to addresses 0-4095.  That caught some bugs and 
> unforseen end cases in our code.
> 
> Unfortunately this check interfered with the CSM, so we were not able to 
> use it in production.  But it might be a handy option (under a PCD 
> feature flag, of course) to have available in EDK2.

We have done this too. I agree it is useful. We had to add a mechanism to turn it off to support the CSM. 

Thanks,

Andrew Fish

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel