That's the "spoofing" scenario, which as I implied above isn't
"interesting". The point where it falls apart is that a "proof" that some
piece of C code doesn't have any buffer overflows *cannot* be verified.
Type validation is useful, but only when the types themselves prevent
invalid accesses. C types don't insure that you can't write past the limits
of the typed address range (scalar variable, structure, array, etc.), so it
doesn't accomplish anything useful in practice.
-- brandon s. allbery [os/2][linux][solaris][japh] allbery@kf8nh.apk.net system administrator [WAY too many hats] allbery@ece.cmu.edu electrical and computer engineering KF8NH carnegie mellon university
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html