为什么某些语言未实现边界检查? [英] Why is bounds checking not implemented in some of the languages?
问题描述
根据Wikipedia(http://en.wikipedia.org/wiki/Buffer_overflow)
According to the Wikipedia (http://en.wikipedia.org/wiki/Buffer_overflow)
通常与缓冲区关联的编程语言溢出包括C和C ++,它们没有提供针对访问或覆盖内存任何部分中的数据的内置保护,并且不会自动检查写入数组(内置缓冲区类型)的数据是否在该数组的边界内。边界检查可以防止缓冲区溢出。
Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array. Bounds checking can prevent buffer overflows.
那么,为什么在某些语言(例如C和C ++)中未实现边界检查?
So, why are 'Bounds Checking' not implemented in some of the languages like C and C++?
推荐答案
基本上,这是因为这意味着每次更改索引时,都必须执行if语句。
Basically, it's because it means every time you change an index, you have to do an if statement.
让我们考虑一个简单的C for循环:
Let's consider a simple C for loop:
int ary[X] = {...}; // Purposefully leaving size and initializer unknown
for(int ix=0; ix< 23; ix++){
printf("ary[%d]=%d\n", ix, ary[ix]);
}
如果我们进行边界检查,则生成的代码ary [ix]
必须类似于
if we have bounds checking, the generated code for ary[ix]
has to be something like
LOOP:
INC IX ; add `1 to ix
CMP IX, 23 ; while test
CMP IX, X ; compare IX and X
JGE ERROR ; if IX >= X jump to ERROR
LD R1, IX ; put the value of IX into register 1
LD R2, ARY+IX ; put the array value in R2
LA R3, Str42 ; STR42 is the format string
JSR PRINTF ; now we call the printf routine
J LOOP ; go back to the top of the loop
;;; somewhere else in the code
ERROR:
HCF ; halt and catch fire
如果我们没有边界检查,那么我们可以写: / p>
If we don't have that bounds check, then we can write instead:
LD R1, IX
LOOP:
CMP IX, 23
JGE END
LD R2, ARY+R1
JSR PRINTF
INC R1
J LOOP
这在循环中保存了3-4条指令,这(尤其是在过去)意味着很多。
This saves 3-4 instructions in the loop, which (especially in the old days) meant a lot.
实际上,在PDP-11机器中,甚至更好,因为有一种叫做自动增量寻址的东西。在PDP上,所有寄存器内容等都变成类似
In fact, in the PDP-11 machines, it was even better, because there was something called "auto-increment addressing". On a PDP, all of the register stuff etc turned into something like
CZ -(IX), END ; compare IX to zero, then decrement; jump to END if zero
(而且碰巧记得PDP的人比我还记得,不会给我麻烦,因为它的确切语法等等;你是像我这样的老屁,你知道这些东西是如何溜走的。)
(And anyone who happens to remember the PDP better than I do, don't give me trouble about the precise syntax etc; you're an old fart like me, you know how these things slip away.)
这篇关于为什么某些语言未实现边界检查?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!