On Monday, 19 September 2016 at 14:22:16 UTC, Steven
Schveighoffer wrote:
On 9/19/16 7:27 AM, Lodovico Giaretta wrote:
What I'd like to know: is this usage widespread? Should we
forbid it for
the sake of security?
No. There is no security concern here. You are dereferencing a
null pointer, which is perfectly safe.
-Steve
I beg to defer, null pointer dereference is certainly not safe in
the general case. In many cases it lead to code execution or
privilege escalation. See for example CVE-2008-568 [1] for an
example in kernel space or CVE-2009-0385 [2] in user space.
The idea is that you are really trying to call a function in a
part of memory that is not mapped, but if you are able to map the
zero page and control what function pointer is present there then
it is exploitable. I'd like people to get away from the idea that
null pointer dereference is safe, it's not. In most cases it's
not exploitable but that's definitely not a safe spot.
That being said I don't think it should be the burden of the
library or language to deal with this for the reasons you exposed.
[1] http://www.trapkit.de/advisories/TKADV2008-015.txt
[2] http://www.trapkit.de/advisories/TKADV2009-004.txt
