http://blog.cberger.net/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement/ What I do, where I live, what I think. Sat, 17 Dec 2011 20:16:30 +0000 hourly 1 http://wordpress.org/?v=3.2.1 http://blog.cberger.net/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement/comment-page-1/#comment-156 Cyrille Berger Tue, 24 Jun 2008 17:54:00 +0000 http://cyrilleberger.wordpress.com/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement#comment-156 @benoit, hehe, to be honest the hardest part is handled by llvm ;)</></>@thomas, yes you are definitively right, buffer overflow are a plague, you can never be fully protected from them, at best, you have taken as much protection as possible. One things that gives some protection in that area is that the actual library and llvm are written in C++ using the standard string, which reduce a lot string overflow, compared to use char*. There is also a need for protection on access to arrays inside a Shiva/CTL program, stuff like "int array[1]; array[-10000] = 10;" could give access for viruses.</>One other level of protection is that neither CTL nor Shiva allows "machine" code extensions and don't provide system function.</>But yes, since security is one of the goal, and I invit anyone to find security issues and to report them to me. @benoit, hehe, to be honest the hardest part is handled by llvm @thomas, yes you are definitively right, buffer overflow are a plague, you can never be fully protected from them, at best, you have taken as much protection as possible. One things that gives some protection in that area is that the actual library and llvm are written in C++ using the standard string, which reduce a lot string overflow, compared to use char*. There is also a need for protection on access to arrays inside a Shiva/CTL program, stuff like “int array[1]; array[-10000] = 10;” could give access for viruses.One other level of protection is that neither CTL nor Shiva allows “machine” code extensions and don’t provide system function.But yes, since security is one of the goal, and I invit anyone to find security issues and to report them to me.

]]> http://blog.cberger.net/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement/comment-page-1/#comment-155 Thomas Tue, 24 Jun 2008 06:42:00 +0000 http://cyrilleberger.wordpress.com/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement#comment-155 Cool stuff, I noted that one line about virus.</>The fact that your engine is implemented in C means that there is a good chance there are traditional bugs in there, like buffer overflow and the like. These can actually most of the time be exploited by a well written virus.</>So, please do check with valgrind and let as many experienced C-gurus look it over as possible :) Cool stuff, I noted that one line about virus.The fact that your engine is implemented in C means that there is a good chance there are traditional bugs in there, like buffer overflow and the like. These can actually most of the time be exploited by a well written virus.So, please do check with valgrind and let as many experienced C-gurus look it over as possible

]]> http://blog.cberger.net/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement/comment-page-1/#comment-154 Benoit Tue, 24 Jun 2008 01:15:00 +0000 http://cyrilleberger.wordpress.com/2008/06/23/shiva-a-lot-of-excitement-for-a-small-achievement#comment-154 Man, for doing all this, how many arms do you have? Oh, wait, I suppose that this is why you called it Shiva...</></>Anyway, the idea of using llvm to do high-performance scripting seems wonderful, and the C-like syntax is indeed a great idea, should help adoption a lot. Man, for doing all this, how many arms do you have? Oh, wait, I suppose that this is why you called it Shiva…Anyway, the idea of using llvm to do high-performance scripting seems wonderful, and the C-like syntax is indeed a great idea, should help adoption a lot.

]]>