undefined | Better HN

0 pointslmm1y ago0 comments

Recursion is recursion, unbounded memory allocation is unbounded memory allocation, neither necessarily implies the other.

When an algorithm requires x bytes of memory for a given input it shouldn't matter whether a given implementation of that algorithm uses x bytes of implicit stack from recursion, x bytes of heap allocated with malloc, or something else; however unfortunately in various poor programming language implementations this does make a big difference, such as the case described in the article. The problem is not recursion nor the algorithm, the problem is the poor implementation of recursion in their C compiler, and as such it can be avoided by expressing the same algorithm without that C recursion (which is trivial). Even in the unlikely event that such an expression exhausted available memory (implausible), it would not be a security issue.

0 comments

DonHopkins1y ago

> the problem is the poor implementation of recursion in their C compiler

Please explain how your hand rolled implementation of recursion using malloc is better than every C compiler's. Show us the code! Have you opened an issue on GCC or Clang so they can fix their buggy C compilers with your brilliant secure ground-breaking memory-less law-of-thermodynamics-defying recursion algorithm? There may be a Turing Award in it for you!

lmmOP1y ago

> Please explain how your hand rolled implementation of recursion using malloc is better than every C compiler's.

Because I don't use "the" stack and thus don't have stack overflows.

> Have you opened an issue on GCC or Clang so they can fix their buggy C compilers with your brilliant secure ground-breaking memory-less law-of-thermodynamics-defying recursion algorithm? There may be a Turing Award in it for you!

Of course not, it's just trading stack for heap like you can find in any basic CS textbook. But the heap can generally safely grow bigger than the stack and "overflowing" the heap is not a security vulnerability (you do check the return value of malloc, right?). Again, this is the opposite of Turing Award territory, it's all CS 101 stuff.

GCC and Clang prioritise performing well on microbenchmarks over making it practical to implement programs without security vulnerabilities. This is also sadly well known.

j / k navigate · click thread line to collapse