0

Someone said uninitialized read is accessing an unwritten but allocated memory space. And someone else said it is accessing an unallocated memory space. So I am here to double-check the meaning, and BTW: could you briefly explain what "written" and "allocated" mean?

Hogan
  • You need to provide the exact context. Unallocated and uninitialized - are two different things. – Eugene Sh. Sep 22 '21 at 18:46
  • In the absence of more specific terminology, "uninitialized read" could refer to using a declared (local) variable that has not been initialized. This could be considered "allocated" but not in the explicit sense of using `malloc` or equivalent. – sj95126 Sep 22 '21 at 18:57
  • Please provide enough code so others can better understand or reproduce the problem. – Community Sep 30 '21 at 06:50

2 Answers

0

Hard to say without full context but here are my best guesses --

uninitialized read -- you would say this when a variable or structure is read from memory without a value or default having been written to it. Thus you are reading uninitialized (random) data. If a hacker could write to that memory location they could cause your system to act unexpectedly.*

TO FIX: make sure all allocated data and structures have default values written to them.

unallocated memory -- this is memory that has not specifically been marked as used by your application. This means any application or system could write to this memory and impact your system (since you are not reading from space that is designated for your application).

TO FIX: make sure you allocate all memory you use using your memory management system of choice.

*It has been pointed out that the system might behave unexpectedly anyway, but the fact the system could be controlled by an outside agency was my point.

Hogan
  • You don't need a hacker to cause your program to act unexpectedly. Reading uninitialized memory is undefined behavior so the compiler can do what it wants at that point. Your program can act unexpectedly already. – Kevin Sep 22 '21 at 19:12
  • @kevin - I am not sure why you've brought compilers into question for this answer, but since you did, I believe invocation of _undefined behavior_ is a run-time phenomena, as is _reading memory_ (initialized or not). Neither has anything to do with compile time issues. With clean syntax a compiler will give a clean compile, but has no clue that the binary it produces has the potential for undefined behavior or not. – ryyker Sep 22 '21 at 19:23
  • @ryyker Programs that have undefined behavior are not valid C programs, so the compiler is free to do whatever it wants. The executable that it generates can do anything. For example the compiler could recognize that all paths of a function read uninitialized memory, and since that's undefined behavior, it must never happen. Thus it deletes the function and makes it do nothing at all. – Kevin Sep 22 '21 at 19:59
  • @Kevin - I believe you are intending to convey that the _run-time environment_ is free to do whatever it wants. The compiler has nothing to do with running code. The compiler does not even have to be on the computer running the code at run-time. Two separate things. – ryyker Sep 22 '21 at 20:39
  • @ryyker The compiler can do what it wants to the executable when it's creating it. Therefore the executable can act unexpectedly. – Kevin Sep 22 '21 at 20:43
  • @Kevin -- my point was how it was a security risk clearly -- are you really giving me a down vote because I did not use the correct emphasis on an answer that did give the correct definitions? – Hogan Sep 22 '21 at 21:02
  • @Hogan I didn't downvote – Kevin Sep 22 '21 at 21:03
  • FYI - The down vote occurred early on. Sometime before I first noticed Kevin's comments. (which I still do not fully understand) but just so you know, I also did not register that vote. I think it's worth an up-click. – ryyker Sep 22 '21 at 21:12
  • @ryyker: Re “I believe invocation of *undefined behavior* is a run-time phenomena”: C 2018 3.4.3 says “Note 1…: Possible undefined behavior ranges from ignoring the situation completely with unpredictable results, to behaving during translation or program execution in a documented manner characteristic of the environment (with or without the issuance of a diagnostic message), to terminating a translation or execution (with the issuance of a diagnostic message).” The notion that undefined behavior is something that is “invoked” is misleading. It is not a thing. It is a lack of specification. – Eric Postpischil Sep 23 '21 at 01:59
  • Re “If a hacker could write to that memory location they could cause your system to act unexpectedly”: If a hacker could write to a memory location, they could cause the system to act unexpectedly regardless of whether or not the location is initialized before it is used. General-purpose multiuser operating systems are designed to prevent unauthorized processes from changing the memory of other processes. If that design fails, the system is compromised, and this has nothing to do with whether memory is initialized or not and does not belong in an answer to the question here. – Eric Postpischil Sep 23 '21 at 02:02
  • Re “unallocated memory -- this is memory that has not specifically been marked as used by your application. This means any application or system could write to this memory and impact your system (since you are not reading from space that is designated for your application”: No, that is not what that means. A general-purpose multiuser operating system is designed not to allow unauthorized processes to write to arbitrary memory, even if it has not been allocated to other processes. And special-purpose single-user systems are used only for trusted processes. – Eric Postpischil Sep 23 '21 at 02:04
  • @EricPostpischil -- I appreciate your comments and you are right about many modern operating systems -- but not right about all of them. It is also possible to have C code run as core or driver privileges and not be under the same rules you describe. Here we are talking about the abstract concepts and not getting into the weeds about what exactly would happen in every case. – Hogan Sep 23 '21 at 15:35
0

> Could you briefly explain what "written" and "allocated" mean?

“Allocated” means the memory has been designated for a specific use.

When `int x;` appears inside a function in a C program, memory is automatically allocated for it. (It is automatic in that the compiler arranges for the memory to be reserved for `x`, so the author of this function does not have to do anything else to get that memory.) Memory can also be allocated in other ways, such as by explicit request, and C has rules for which declarations do or do not reserve memory that can be somewhat complicated.

When memory is automatically allocated in this way, it is not automatically initialized. This means the program has decided a certain part of memory will be used for `x` but it has not put any value into it. That memory could contain a value left over from prior use, or it could contain zero from when the operating system cleared it before assigning it to the program, or it could contain something else. (Additionally, due to the rules of the C standard and the complexities of modern compilers, memory that is not initialized can cause complications in your program. It may act in ways that are confusing to beginners.)

To ensure the memory has a defined value, you should initialize it. This can be done in the definition, as with `int x = 3;`, or it can be done later, as with `x = 3;`.

Setting an object to a value is also called writing to memory, storing to memory, storing to an object, and assigning a value. So, if you have written a value to an object, you have initialized it. (“Initialization” generally refers to the first time a value is written to a new object, but we can also say we are “reinitializing” something when we are resetting its value to a state we consider “earlier” in some sense.)

> Someone said uninitialized read is accessing an unwritten but allocated memory space. And someone else said it is accessing an unallocated memory space.

“Uninitialized read” is a somewhat crude term. Properly, we might say a “read of uninitialized memory,” and that is indeed reading memory that is uninitialized. Even if the memory assigned for a new object, say `x`, was previously used for something else, we refer to that memory as uninitialized once it has been newly designated for the new object and not yet written to.

“Uninitialized read” does not mean accessing unallocated memory.

Eric Postpischil
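
The three states discussed in this answer (unallocated, allocated but not yet written, written) can be made concrete with a toy per-byte state tracker that classifies each read. This is an added example, not part of the original answer; the arena and the `toy_*` names are hypothetical, and it models the bookkeeping only, not a real allocator or compiler.

```c
/* Toy model with hypothetical names; not a real allocator. */
#include <stddef.h>
#include <stdio.h>

enum state  { UNALLOCATED, ALLOCATED_UNWRITTEN, WRITTEN };
enum result { READ_OK, READ_UNINITIALIZED, READ_UNALLOCATED };
#define ARENA_SIZE 32
static unsigned char data[ARENA_SIZE];    /* the bytes themselves */
static enum state    shadow[ARENA_SIZE];  /* one state per byte; starts UNALLOCATED */

/* Designate [off, off+len) for use. Like malloc or `int x;`, this stores no value. */
static void toy_alloc(size_t off, size_t len) {
    for (size_t i = off; i < off + len && i < ARENA_SIZE; i++)
        shadow[i] = ALLOCATED_UNWRITTEN;
}

/* Release the range. Like free, this does not erase the old contents. */
static void toy_free(size_t off, size_t len) {
    for (size_t i = off; i < off + len && i < ARENA_SIZE; i++)
        shadow[i] = UNALLOCATED;
}

/* Write one byte; returns 0 on success, -1 if the byte is not allocated. */
static int toy_write(size_t off, unsigned char v) {
    if (off >= ARENA_SIZE || shadow[off] == UNALLOCATED) return -1;
    data[off] = v;
    shadow[off] = WRITTEN;
    return 0;
}

/* Classify a one-byte read; *out is set only when a defined value exists. */
static enum result toy_read(size_t off, unsigned char *out) {
    if (off >= ARENA_SIZE || shadow[off] == UNALLOCATED) return READ_UNALLOCATED;
    if (shadow[off] == ALLOCATED_UNWRITTEN) return READ_UNINITIALIZED;
    *out = data[off];
    return READ_OK;
}

int main(void) {
    unsigned char v = 0;
    toy_alloc(0, 4);
    printf("alloc only : %d\n", toy_read(0, &v));
    toy_write(0, 0x41);
    printf("after write: %d\n", toy_read(0, &v));
    toy_free(0, 4);
    toy_alloc(0, 4);   /* reuse: the stale 0x41 still sits in data[0] */
    printf("after reuse: %d\n", toy_read(0, &v));
    return 0;
}
```

After the free and re-allocation the old byte is still physically present, yet the read is classified as uninitialized, which matches the answer's point about memory "left over from prior use".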