
Re: Overflow

 
Uwe Zessin
Honored Contributor

Re: Overflow

I am sure that will break quite some programs on VAX...


It's been some years since I helped a customer to port from VAX to Alpha. He had one small MACRO source file and when I did:

$ macro/migrate pgm

well, the compiler spit out two pages of error messages. The customer responded with a big GULP!

Now, I did a short look over the source, inserted two lines and the result was:

$ macro/migrate pgm
$

He almost fell off the chair :-)

There simply was no PSECT in the source and I just created a CODE and a DATA psect.
.
Bojan Nemec
Honored Contributor

Re: Overflow

Uwe,

It could be implemented so that old images work just like now. When you compile on the new version you receive a "protected" image, or with a qualifier to the compiler (or maybe to the linker, because I think this is an image activator problem) turn off the protection.
The problematic compiler is probably MACRO32 on VAX which can be upgraded to spit pages of error messages, as you say (nice verb for a bunch of errors :-).
With this, new programs can be protected and, with time, all programs with a small number of exceptions will become protected.

Bojan
Ian Miller.
Honored Contributor

Re: Overflow

Whatever is done would have to be optional for backwards compatibility and switched on by compiler switch, system parameter etc.

I don't think anything would be done for VAX/VMS but I think something could be done for alpha vms and itanium vms.

Perhaps it's time for another entry on the hpadvocacy web site? (as well as discussing it with your favorite hp VMS contact).
____________________
Purely Personal Opinion
Jan van den Ende
Honored Contributor

Re: Overflow

Ian,

as I still cannot enter deep enough into the Advocacy site (something with confusion about logging in the one site and address a mirror or the other way around, and then NOT being authorized on that. Being worked on),
would you please do the service?
I guess entering a pointer to this stream will get the message over.

Cheers.

Have one on me.

jpe

Don't rust yours pelled jacker to fine doll missed aches.
Ian Miller.
Honored Contributor
Solution

Re: Overflow

I've submitted this but it won't appear just yet. When I submitted this the following was displayed:
"Your issue will not appear immediately. All submitted issues are reviewed for posting each Monday. If there are questions about your issue submission, you will be contacted via email."

When it appears I will post a link here and you can all go and vote.
____________________
Purely Personal Opinion
Ian Miller.
Honored Contributor

Re: Overflow

It's here
http://www.hpuseradvocacy.org/advocacy/metoo/metooissue.cfm?IssueID=1833

VMS I64 V8.2 has the noexecute protection. Alpha does not.

____________________
Purely Personal Opinion
Lawrence Czlapinski
Trusted Contributor

Re: Overflow

1. Best programming is to use strncpy rather than strcpy. It is a step in the right direction. Perhaps part of the answer is to add C/C++ library routines where the array sizes are passed and the string sizes are checked against the maximum.
Quality Assurance: One of the tests should be to pass a string that overflows the array.
The software should detect the overflow and report an error code back to the calling routine. The calling routine should report the error.
2. Yes, the lack of the array size being known to the receiving routine in C and C++ is a serious weakness in C and C++. Best programming practice would be to pass the array size to subroutines and check that the string(s) aren't longer than the array.
3. ADA was an excellent idea. Unfortunately it was so complex that few companies ever tried it much less stayed with it. It has strong data typing which would be helpful to have in C and C++.
4. I have seen too many times where programmers haven't even reported errors that their software detected, don't give the routine name where the error occurred, or don't report the error from the calling routine.
5. Unix often doesn't even give you an error message if you type a nonexistent command.
Lawrence
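
The size-passing approach from points 1, 2 and 4 above, as an added example that is not part of the original thread: the receiving routine is given the array capacity, refuses a string that does not fit, and returns an error code that the calling routine reports with its own name. The names `copy_checked`, `set_username` and the status codes are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum copy_status { COPY_OK = 0, COPY_EINVAL = 1, COPY_EOVERFLOW = 2 };

/*
 * Copy src into dst, whose total capacity dst_size is passed by the caller.
 * strncpy would truncate silently and leave dst without a terminating NUL
 * when src is too long; this routine rejects the input instead, leaves dst
 * as an empty string, and returns COPY_EOVERFLOW.
 */
enum copy_status copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;

    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_EINVAL;

    /* Never read or count past the destination capacity. */
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len == dst_size) {          /* no room left for the NUL */
        dst[0] = '\0';
        return COPY_EOVERFLOW;
    }
    memcpy(dst, src, len + 1);      /* len characters plus the NUL */
    return COPY_OK;
}

/* Calling routine: checks the status and reports it with its own name. */
int set_username(char *field, size_t field_size, const char *input)
{
    enum copy_status st = copy_checked(field, field_size, input);
    if (st != COPY_OK) {
        fprintf(stderr, "set_username: copy_checked failed, status %d "
                        "(capacity %zu)\n", (int)st, field_size);
        return -1;
    }
    return 0;
}

int main(void)
{
    char name[8];
    /* Constructed QA inputs: one that fits, one that overflows the array. */
    int ok  = set_username(name, sizeof name, "SYSTEM");
    int bad = set_username(name, sizeof name, "a-name-that-is-too-long");
    printf("fits: %d, overflow: %d, field now: \"%s\"\n", ok, bad, name);
    return (ok == 0 && bad == -1) ? 0 : 1;
}
```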
Ian Miller.
Honored Contributor

Re: Overflow

Lawrence, VMS native APIs use descriptors for this reason. BLISS does not really have any typing at all but, with discipline, significant programs can be written in a robust and secure manner (see VMS for fine examples :-). It's the programmer attitude - compare VMS and unix way of doing things. Programmers I have seen from a Windows background are also often sloppy - not all of them, of course there are good ones too.

I think more could be done with the C compiler but the main thing is training the programmers properly.
____________________
Purely Personal Opinion
Uwe Zessin
Honored Contributor

Re: Overflow

I've seen a lot of 'sloppy' and even careless programming on VMS, too.

One of my previous employers bought a 'piece of software' where the programmers, for example, didn't bother to check return codes.

One problem I've debugged was a looping process (it was written in VAX PASCAL, but in the debugger session I used the machine code...). Turned out it had eaten all its ENQLM quota. In the end the problem was that:

- the return status from SYS$ENQW was not checked at all, so the software never found out when the quota was exhausted

- the status code in the LKSB was checked for one (1!) specific value. If that was met, or not - I don't remember after all these years, the code just tried another SYS$ENQW

Another problem in this software was that many status codes were 'compressed' to an application-specific error code with no way to find out the real cause.

Or how about trying to use FMS to signal error messages in a detached process?

Defining duplicate logical names in SUPERVISOR and EXECUTIVE mode in the job logical name table?

Oh, man. I could go on and on...

And that was only one software used in manufacturing sold for a lot of money.
.
Jan van den Ende
Honored Contributor

Re: Overflow

Uwe,
you hit a pain-point there!

Sloppy code by sloppy programmers will probably NEVER be extinguished.

-- and the case you described really sounds like specifically written for VMS.

But, just trusting that anything that runs once will always run, or only expecting one single specific deviant return status, that is not the USUAL behavior that is (used to be?) taught in VMS programming courses!

Then again, lots (and ever more) code is ported from other platforms, and, sorry to say, that _IS_ a frequent source of just this kind of sloppiness.

How this can be helped? bweuhh.

I can not think of any way to have some means of enforcing good practise / block bad practise.

Personally, if, say, the linker, or some pre-processor or after-processor could find a significant percentage of such sloppiness, I would VERY VERY welcome that, even if it would take 100 times more time/CPU power than the total compile-&-link suite!!

Just wishful thinking, I am afraid.

Proost.

Have one on me.

jpe
Don't rust yours pelled jacker to fine doll missed aches.
Uwe Zessin
Honored Contributor

Re: Overflow

> and the case you described really sounds like specifically written for VMS.

You'd win that bet :-) The software used DEC Rdb and made heavy use of VMS (FMS, system services, global sections...)

Ah, another example of incompetence for your enjoyment...

Assignment for printers is in the database, but must be loaded into global sections. The problem is that once a user has started his program, the information is copied from the GBL into process private memory and never updated.

If you make a change you need to update the database, re-load the GBL and then the user has to restart his program! Sigh. Users don't print that often, why isn't that information directly fetched from the database?
.