flat assembler
Message board for the users of flat assembler.

flat assembler > Main > Is handwritten asm more dangerous than compiled C code?

fasmnewbie



Joined: 01 Mar 2011
Posts: 529
And btw, if one thinks that C++ is free from "mysterious" behavior, then listen to this guy...

https://www.youtube.com/watch?v=3MB2iiCkGxg
Post 26 Sep 2018, 18:38
Furs



Joined: 04 Mar 2016
Posts: 1266
fasmnewbie wrote:
It's not dangerous per se, but rather it is easier to make mistakes (or intentional 'mistakes') in ASM if one is not careful enough. A pseudo example;
Code:
mov rdi,0x007ce0fffffffe    ;a pointer to some string variable
add edi,2                   ;oops!    

Looks syntactically / arithmetically legit, but it's a big no. You can give this bug any name you think fit because it fits into any types of bugs you can think of. This is no undefined behavior. It is simply being rude :D
It's similar in C/C++ for different reasons though. This is a problem on 64-bit only, because int is not the same size as pointers anymore.

And every noob programmer always uses int everywhere or was taught like that from retards.

64-bit only issues in C/C++ that a LOT of people make:
  • Subtract two pointers and store in int? Security Vulnerability.
  • Many people also use something like ~0u to store a mask of "all 1s" in a type. But ~ is a unary operator, and 0u is an unsigned int. So when it gets zero-extended to 64 bits (because it's unsigned int) you'll get only the lower half of 1s.
  • Using int for array indices of arbitrary input and size.
Post 27 Sep 2018, 17:39
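The three 64-bit pitfalls listed in the post above, as an added C example that is not part of the original thread. It assumes a 32-bit int on a 64-bit target; the function names and sample addresses are constructed for illustration.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Mask pitfall: ~0u is evaluated as a 32-bit unsigned int, then zero-extended. */
uint64_t mask_from_unsigned(void) { return ~0u; }          /* low 32 bits only */
uint64_t mask_from_uint64(void)   { return ~(uint64_t)0; } /* all 64 bits set  */

/* Pointer-difference pitfall: what `int n = end - begin;` keeps of a 64-bit
 * distance. Addresses are plain integers here so no huge buffer must exist. */
int32_t diff_as_int(uint64_t begin, uint64_t end) {
    return (int32_t)(uint32_t)(end - begin);   /* upper 32 bits are dropped */
}
int64_t diff_as_ptrdiff(uint64_t begin, uint64_t end) {
    return (int64_t)(end - begin);             /* full width, like ptrdiff_t */
}

/* Index pitfall: a 64-bit input narrowed to int before the bounds check. */
int index_ok_int(uint64_t input, int len) {
    int i = (int)(uint32_t)input;   /* narrowing hides the high bits */
    return i >= 0 && i < len;
}
int index_ok_size(uint64_t input, size_t len) {
    return input < len;             /* one unsigned compare at full width */
}

int main(void) {
    /* Constructed sample values, not taken from the thread. */
    uint64_t begin = 0x7ce000000000u, end = begin + 0x100000010u;
    uint64_t idx = 0x100000003u;    /* far out of range for an 8-element array */

    printf("~0u as 64-bit mask  : 0x%016" PRIx64 "\n", mask_from_unsigned());
    printf("~(uint64_t)0        : 0x%016" PRIx64 "\n", mask_from_uint64());
    printf("distance as int     : %" PRId32 "\n", diff_as_int(begin, end));
    printf("distance full width : %" PRId64 "\n", diff_as_ptrdiff(begin, end));
    printf("int check accepts   : %d\n", index_ok_int(idx, 8));
    printf("size_t check accepts: %d\n", index_ok_size(idx, 8));
    return 0;
}
```

A distance of 4 GiB + 16 bytes comes back as 16 once stored in an int, and the out-of-range index passes the int bounds check as element 3, while the full-width versions report the real values.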
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16057
Location: 112 Ocean Avenue, Amityville
I find in my assembly code that signed integers are almost never the correct type. Unsigned, using ja, jb, etc. is almost always the test I need.

If C made the amount of typing needed to specify unsigned, the same as signed (i.e. three characters i n t) then perhaps unsigned would be used more.

People are basically lazy so if it needs more typing then it gets ignored.
Post 27 Sep 2018, 18:01
Furs



Joined: 04 Mar 2016
Posts: 1266
Oh that's another topic where I fully agree with you. It's about signed vs unsigned.

The "signed everywhere" mantra is one of the most annoying I've ever laid my eyes on. I'm personally sick of polluting the beauty of code just to cater to a bunch of retards who might assume that signed values are "available", and unfortunately you got some top figureheads in C++ committee and Google who preach this crap.

It's nice to see a few other people are of the same mindset, so I'm not alone, cause it sometimes feels that way. This blog post is also on that topic: https://blackhole12.com/blog/signed-integers-considered-stupid-like/ :)
Post 27 Sep 2018, 20:39
DimonSoft



Joined: 03 Mar 2010
Posts: 426
Location: Belarus
One more funny thing is when students come to C after two other languages (x86 assembly included) and find out that char is an integer type (not a problem) and is usually signed by default (not a problem as well). The problem is negative values in the debugger, very convenient in the world where most encoding tables are either unsigned or hexadecimal. Anyway, they’re aware that 'a' is of type int by that time and that arrays are not first-class citizens, so they’re not surprised.
Post 27 Sep 2018, 22:26
Melissa



Joined: 12 Apr 2012
Posts: 60
I see long debates about integer overflow when talking about C, as that is also undefined behavior ;p
Post 28 Sep 2018, 06:14
Furs



Joined: 04 Mar 2016
Posts: 1266
Melissa wrote:
I see long debates about integer overflow when talking about C, as that is also undefined behavior ;p
Only on signed types.

Unsigned overflow is perfectly defined (just like asm).
Post 28 Sep 2018, 13:51

Copyright © 1999-2018, Tomasz Grysztar.
