Pointers are more abstract than you might expect in C

/ hownot2code / Leave a comment

By Stefan Schulze Frielinghaus

A pointer references a location in memory and dereferencing a pointer refers to the lookup of the value of the memory location the pointer references. The value of a pointer is a memory address. The C standard does not define the representation of a memory address. This is crucial since not every architecture makes use of the same memory addressing paradigm. Most modern architectures make use of a linear address space or something similar. Still, even this is not precise enough since you might want to talk about physical or virtual addresses. Some architectures make even use of non-numeric addresses. For example, the Symbolics Lisp Machine makes use of tuples of the form (object, offset) as addresses.

Continue reading

Android Operating System: One Potential Vulnerability per 4000 Lines of C++ Code

/ hownot2code / Leave a comment

 

For many years, Andrey Karpov has been publishing articles on code quality, and bugs reviews of open source projects. For example, he is the author of such publications as “The Ultimate Question of Programming, Refactoring, and Everything” and “27 000 Errors in the Tizen Operating System“.

image1

Recently, the open source Android operating system has become of interest for him. He researched that part of the operating system code, which is written in the C and C++ languages. After that he came to a conclusion, which always takes place after such research: human error is always possible. By using the PVS-Studio tool, it becomes possible to detect at least one security defect (potential vulnerability) per 4000 lines of code.

Continue reading