Squeak VM stability?
Joshua Gargus
schwa at fastmail.us
Sat Dec 29 07:21:00 UTC 2007
It shouldn't be difficult to verify the "well-formedness" of compiled
methods without the overhead of a complete recompilation. As with
Mathieu's suggestion, this can be done once at load-time so that there
is no performance penalty at run-time.
It seems like ByteSurgeon (http://www.iam.unibe.ch/~scg/Research/ByteSurgeon/)
might be the right tool for the task; perhaps someone more familiar
with it can comment?
Josh
On Dec 28, 2007, at 3:22 PM, Mathieu Suen wrote:
> Hi,
>
> On Dec 28, 2007, at 10:41 PM, Michael van der Gulik wrote:
>
>> Hi all.
>>
>> Is the policy of the VM makers (whoever they currently are) to
>> prevent the VM from crashing, particularly when given malicious
>> bytecodes?
>
> Perhaps one way to solve the problem is to avoid loading bytecode,
> instead load the source code that is compiled with a trusted compiler.
> In Smalltalk the bytecode can be easily decompiled so if the
> intention is to hide the code it isn't worth loading bytecode.
>
>>
>>
>> This is a general question, mostly related to http://bugs.squeak.org/view.php?id=1395
>> which is now closed. Is it considered a bug if I can crash the VM
>> with a maliciously crafted method?
>>
>> Which direction would the Squeak community want to go in? Should we
>> aim to have a VM that would never seg fault and dump core (or blue
>> screen under Windows), regardless of what rubbish is fed to it?
>> Doing extra sanity checks and bounds checking would possibly have a
>> performance penalty.
>>
>> Regards,
>> Gulik.
>>
>> --
>> http://people.squeakfoundation.org/person/mikevdg
>> http://gulik.pbwiki.com/
>
> Mth
>
>
>
>
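Added example, not part of the original thread and not Squeak or ByteSurgeon code: a sketch of the load-time "well-formedness" check discussed above, which decodes a method once and follows every reachable path to confirm that jumps land on instruction starts, literal indices are in range, and the stack stays within bounds. The instruction set, `verify`, `VerifyError`, and the sample methods are assumptions constructed for illustration; they are not Squeak's real bytecode encoding.

```python
# Toy instruction set (an assumption for illustration, not Squeak's encoding).
OPS = {  # opcode: (name, operand_bytes, pops, pushes)
    0x01: ("PUSH_LIT", 1, 0, 1),
    0x02: ("POP", 0, 1, 0),
    0x03: ("ADD", 0, 2, 1),
    0x04: ("JMP", 1, 0, 0),           # signed offset from the next instruction
    0x05: ("JMP_IF_FALSE", 1, 1, 0),
    0x06: ("RETURN", 0, 1, 0),
}
GOOD = bytes([0x01, 0, 0x01, 1, 0x03, 0x06])  # constructed: 2 pushes, ADD, RETURN
BAD = bytes([0x04, 1, 0x01, 0x06, 0x06])      # constructed: JMP into an operand

class VerifyError(Exception): pass

def verify(code: bytes, num_literals: int, max_stack: int) -> int:
    """Return the deepest stack depth reached, or raise VerifyError."""
    # Pass 1: decode linearly to find where instructions really start.
    starts, pc = set(), 0
    while pc < len(code):
        if code[pc] not in OPS:
            raise VerifyError(f"unknown opcode {code[pc]:#x} at {pc}")
        starts.add(pc)
        pc += 1 + OPS[code[pc]][1]
    if pc != len(code):
        raise VerifyError("truncated operand at end of method")
    # Pass 2: walk every reachable path once, tracking stack depth.
    depth_at, work, deepest = {}, [(0, 0)], 0
    while work:
        pc, depth = work.pop()
        if pc not in starts:  # also catches running off the end of the method
            raise VerifyError(f"control reaches {pc}, not an instruction start")
        if pc in depth_at:
            if depth_at[pc] != depth:
                raise VerifyError(f"inconsistent stack depth at {pc}")
            continue
        depth_at[pc] = depth
        name, nbytes, pops, pushes = OPS[code[pc]]
        if depth < pops or depth - pops + pushes > max_stack:
            raise VerifyError(f"stack bounds violated at {pc} ({name})")
        if name == "PUSH_LIT" and code[pc + 1] >= num_literals:
            raise VerifyError(f"literal index out of range at {pc}")
        depth = depth - pops + pushes
        deepest = max(deepest, depth)
        nxt = pc + 1 + nbytes
        if name in ("JMP", "JMP_IF_FALSE"):
            off = code[pc + 1] - 256 if code[pc + 1] > 127 else code[pc + 1]
            work.append((nxt + off, depth))
        if name not in ("JMP", "RETURN"):
            work.append((nxt, depth))
    return deepest
```

Each instruction is visited at most once, so the check is linear in method size and runs only when the method is loaded.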