Re: Why are variables stored on the stack?
- From: CJ <cj@xxxxxxxxxx>
- Date: Sat, 15 Mar 2008 11:24:30 +0100 (CET)
Thanks for all the replies, this is an interesting discussion.
Here are a couple of points that occur to me:
1) Buffer overflows are a more serious security problem on the stack
than on the heap, because the program counter is stored on the stack and
not the heap, so that a malicious stack overflow can execute arbitrary
code. The heap is used for data exclusively, which is what I meant by
"separate data from executable code".
Even if a buffer on the heap overflows, the worst that can happen is
some (probably insignificant) data corruption. Since malloc() generally
allocates space in powers of 2, often an off-by-one error or similar
won't overwrite anything anyway, but will just land in the gap between
the end of the buffer and the next power of 2.
2) I believe the argument about it being more efficient to use the stack
than the heap is spurious - if I recall, both are O(N) data structures.
.
- Follow-Ups:
- Re: Why are variables stored on the stack?
- From: Stephen Sprunk
- Re: Why are variables stored on the stack?
- From: santosh
- Re: Why are variables stored on the stack?
- From: Malcolm McLean
- Re: Why are variables stored on the stack?
- From: Bartc
- Re: Why are variables stored on the stack?
- From: Eric Sosman
- Re: Why are variables stored on the stack?
- From: Harald van Dijk
- Re: Why are variables stored on the stack?
- From: Flash Gordon
- Re: Why are variables stored on the stack?
- From: Richard Heathfield
- Re: Why are variables stored on the stack?
- From: santosh
- Re: Why are variables stored on the stack?
- References:
- Prev by Date: Re: program for reading a file
- Next by Date: Re: program for reading a file
- Previous by thread: Re: Why are variables stored on the stack?
- Next by thread: Re: Why are variables stored on the stack?
- Index(es):
Relevant Pages
|
