11

I know some Java and am right now trying C++ instead and apparently in C++ you can do things like declare an int array of size 6, then change the 10th element of that array, which I'm understanding to be simply the 4th byte after the end of the section of memory that was allocated for the 6-integer array.

So my question is, if I'm careless is it possible to accidentally alter memory in my C++ program that is being used by other programs on my system? Is there an actual risk of seriously messing something up this way? I mean I know you can just restart your computer and clear the memory if you have to, but if I don't do that, there could be some lasting damage.

newprogrammer
  • 1
    Unless you're working on the ring 0 mode, you don't have to worry about this stuff. – Stan Jul 25 '11 at 08:56
  • 2
    There is a small mistake in your statement: it is not the 4th byte after, it's the 4th int after, which is 16 bytes if your system is 32 bits. – Cem Kalyoncu Jul 25 '11 at 09:14
  • 1
    Every problem hackers create intentionally can of course also occur unintentionally. In that light, [this rather new article](http://blogs.forbes.com/andygreenberg/2011/07/22/apple-laptops-vulnerable-to-hack-that-kills-or-corrupts-batteries/) explains how you could damage hardware through malfunctioning software. – sbi Jul 25 '11 at 21:53

7 Answers

20

It depends on your system. Formally, an out of bounds access is undefined behavior. On a modern general purpose system, each user process has its own address space, and one process can't modify, or even read, that of another process (barring shared memory), so unless you're writing kernel code, you shouldn't be able to break anything outside of your own process (and non-kernel code can't normally do physical IO, so I don't see how anything in the hardware could break).

If you're writing kernel code, however, or working on an embedded processor with no memory mapping or protection, you can literally destroy hardware with an out of bounds write; if the program is controlling something like a nuclear power plant, you can even destroy a lot more than just the machine your code is running on.

James Kanze
7

Each process is given its own virtual address space, so naturally processes don't see each other's memory. Don't forget that even a buffer overrun that is local to your program can have dire consequences - the overrun may cause the program to misbehave and do something that has lasting effect (like deleting all files for example).

sharptooth
  • OK, so the only problem I'll deal with bugs within my program. Thanks! – newprogrammer Jul 25 '11 at 08:55
  • 2
    @newprogrammer: Don't get too relaxed too early. We had this gem http://stackoverflow.com/questions/908872/whats-the-worst-example-of-undefined-behaviour-actually-possible/3554343#3554343 even without writing over the array boundary - just reading over the boundary. It led to some unrelated data being sent over the network which can be a huge problem. – sharptooth Jul 25 '11 at 08:57
  • nvm, so if my program works with files and can somehow delete them and for some reason my memory change tells it to do so, then all my files will be lost? – newprogrammer Jul 25 '11 at 08:58
  • @newprogrammer: Yes, for example that. Imagine you have a collection of files to delete and an overrun causes all file names to be written there - next time code for deletion runs with that collection all your files are deleted. – sharptooth Jul 25 '11 at 08:59
  • I'm so scared now, though from the thread you linked this kind of stuff is very unlikely – newprogrammer Jul 25 '11 at 09:03
  • @newprogrammer: Well, it is unlikely, but not very much. Which implies you have to follow best practices when writing code. – sharptooth Jul 25 '11 at 09:04
  • 1
    It's incredibly unlikely that anything bad would happen outside of the program itself. I've been programming C / C++ on Windows for a very long time and have never seen any bug delete files or cause any other damage. You should be careful if you have a looped or parameterized delete or file write, but that's true of any language, including Java. – paperjam Jul 25 '11 at 09:16
  • 1
    @newprogrammer: Basically, Windows exists to protect your machine from your damage. If you can cause any damage from user space, that is an operating system fault and not your problem, and such is very very rare. I would not worry about it. – Puppy Jul 25 '11 at 09:18
  • You probably shouldn't entirely disregard the possibility that a memory error in your program may be exploited, by design or otherwise, to execute arbitrary code, and that in turn may abuse a vulnerability in your OS to launch other processes and gain privileges. So while a random out of bounds error will probably just kill your process, there is a latent potential for much worse in there. – Kerrek SB Jul 25 '11 at 12:22
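
The scenario from the answer and comments above (an overrun that stays inside the process but rewrites data a later file operation depends on), as an added example that is not code from any poster. The `Job` struct, its field names and both paths are constructed for illustration, and the cleanup step is simulated: it only returns the path it would act on.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <stdexcept>
#include <string>
// Constructed layout: an input buffer sits directly in front of the path
// that a later cleanup step would delete.
struct Job {
    char label[8];         // filled from input
    char delete_path[24];  // read later by the simulated cleanup step
};
static_assert(offsetof(Job, delete_path) == sizeof(Job::label), "no padding expected");

Job make_job() { return Job{"", "/tmp/scratch.dat"}; }

// Unchecked: trusts len. Copying through the address of the whole Job keeps
// the demo well-defined while mirroring what overrunning label would do.
void set_label_unchecked(Job& j, const char* src, std::size_t len) {
    std::memcpy(&j, src, len);
}

// Checked: rejects input that does not fit in label together with its NUL.
void set_label_checked(Job& j, const char* src, std::size_t len) {
    if (len >= sizeof j.label) throw std::length_error("label too long");
    std::memcpy(j.label, src, len);
    j.label[len] = '\0';
}

// Constructed input: 8 filler bytes, then a different path and its NUL.
const char kInput[] = "AAAAAAAA/home/user/docs";

// Each function returns the path the cleanup step would act on; nothing is deleted.
std::string run_unchecked() {
    Job j = make_job();
    set_label_unchecked(j, kInput, sizeof kInput);
    return j.delete_path;
}

std::string run_checked() {
    Job j = make_job();
    try { set_label_checked(j, kInput, sizeof kInput); }
    catch (const std::length_error&) { /* input rejected, job untouched */ }
    return j.delete_path;
}

int main() {
    std::cout << "unchecked: " << run_unchecked() << "\n"
              << "checked:   " << run_checked() << "\n";
}
```

No other process is touched in either run; the damage in the unchecked case comes entirely from the program acting on its own corrupted data.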
4

This depends on what operating system and environment you are in:

  • Normal OS (Windows, Linux etc) userspace program: You can only mess up your own process memory. However having really bad luck this can be enough. Imagine for example that you make a call to some function that deletes files. If your memory is corrupted at the time of the call, the parameters to the function might be messed up to mean deletion of something else than you intended. As long as you keep from calling delete file routines etc. in the programs where you test memory handling, this risk is non-existent.
  • Normal OS, kernel space device driver: You can access system memory and the memory of the currently running process, possibly destroying everything.
  • Simple embedded OS without memory protection: You can access everything and destroy anything.
  • Legacy OS without memory protection (Win 3.X, MS-DOS): You can access everything and destroy anything.

Anders Abel
2

Every program runs in its own address space and one program cannot access (read / modify) any other program's address space (this is a memory management technique called paging).

If you try to access an address in memory that your program cannot read it will cause a segmentation or page fault and your program will crash.

In answer to your question, no permanent damage will be caused.

cdyer
0

I'm not sure modern OS (especially win7) allows you to do that. The OS will block the buffer overrun action as you've described.

NirMH
0

Back in the day (DOS times) some viruses would try to damage hardware by directly programming video or hard drive controller, but even then it was not an easy or sure thing. Modern hardware and OSs make it practically impossible for user level applications to damage hardware. So program away :) you won't break anything.

Denis
0

There is a different possibility. Having a buffer overrun might allow ill reputed people to exploit that bug and execute arbitrary code in your client's computer. I guess that's bad enough. And the most dangerous part about overrun is that you may not find it even after a seriously excessive test.

Cem Kalyoncu