Mantis - Squeak
Viewing Issue Advanced Details
ID: 1070 | Category: VM | Severity: crash | Reproducibility: always | Date Submitted: 04-13-05 03:12 | Last Update: 06-07-05 21:01
Reporter: tim
Assigned To: tim
Priority: high
Status: closed | Product Version: 3.8
Resolution: fixed
none
none | Fixed in Version: 3.8
0001070: Major holes in VM space security
Whilst looking at the suggested fix for 0001041 (LowSpaceAndInterruptHandler-dtl) I noticed several nasty places where the VM space security can be violated (sounds cool, eh. Commander! Space Security has been violated! Launch all StarFuries!) and the vm crashed without it even having a chance to bleat.

The internal nasty (the bug under the rug) is primitiveClone. It doesn't bother to check at all for sufficient space! Make a big bitmap, clone it a few times and blammo; no checking for lowspace will even be attempted. If by chance this were done in a loop where some other allocation got done it might possibly survive since 'proper' allocations will in effect do the space checking for it.

An external bug resides in primitiveClipboardText. Again, no checking for sufficient space and if some dimwit (aka 'user') happens to copy the entire text of War and Peace then most machines will get upset. Worse yet, the EU directive on the transport of duck eggs by road.

There are other unchecked users of #instantiateClass:indexableSize: but they mainly seem fairly innocuous. Making a String for a directory path is unlikely to be a major issue but just maybe. Most others are pretty constrained.

Fixing primitiveClone is pretty obvious. Although it might seem obvious to add space checking to all the others as well it would be nice to avoid the performance hit if possible. We could for example add the check inside the #instantiate code but that would require rewriting almost every sender to deal with a failure return.
Related to: 0001041 (closed, dway) [VM][ENH] LowSpaceAndInterruptHandler-dtl
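The failure mode the report describes, as an added C model that is not the Squeak VM's own code: a constructed arena stands in for object memory, `allocateChecked` plays the 'proper' allocation path that signals low space, `cloneUncheckedOverrunBytes` shows what the original primitiveClone risked, and `primitiveCloneChecked` is the shape of the cleanup (check first, then fail the primitive rather than the VM). All names, sizes and the threshold are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed toy object memory (not the Squeak VM's own structures): a fixed
 * arena, a bump free pointer and a low-space threshold. */
#define ARENA_BYTES 4096
#define LOW_SPACE   512  /* raise the low-space flag once free bytes drop below this */
static uint8_t arena[ARENA_BYTES];
static size_t  freePtr = 0;
static int     lowSpaceSignalled = 0;
enum { PRIM_OK = 0, PRIM_FAIL = 1 };
static size_t freeBytes(void) { return ARENA_BYTES - freePtr; }
/* The "proper" allocation path: refuses a request that does not fit and raises
 * the low-space flag so the image gets a chance to react. */
static void *allocateChecked(size_t bytes) {
    if (bytes > freeBytes()) return NULL;
    void *obj = arena + freePtr;
    freePtr += bytes;
    if (freeBytes() < LOW_SPACE) lowSpaceSignalled = 1;
    return obj;
}
/* What the unchecked clone amounted to: the copy runs with no question asked,
 * so any bytes beyond the arena end are the crash. Reported here, not written. */
static size_t cloneUncheckedOverrunBytes(size_t bytes) {
    return bytes > freeBytes() ? bytes - freeBytes() : 0;
}
/* Cleaned-up clone: go through the checked path and fail the primitive when
 * space is short, so control returns to the image instead of the VM dying. */
static int primitiveCloneChecked(const void *src, size_t bytes, void **copy) {
    void *obj = allocateChecked(bytes);
    if (obj == NULL) { *copy = NULL; return PRIM_FAIL; }
    memcpy(obj, src, bytes);
    *copy = obj;
    return PRIM_OK;
}
/* The report's scenario: make a big bitmap and clone it a few times. Returns the
 * number of clones that succeeded before the primitive failed (-1: no bitmap). */
static int cloneBitmapUntilFailure(size_t bitmapBytes, int attempts) {
    freePtr = 0; lowSpaceSignalled = 0;          /* fresh object memory */
    void *bitmap = allocateChecked(bitmapBytes);
    if (bitmap == NULL) return -1;
    int ok = 0;
    for (int i = 0; i < attempts; i++) {
        void *copy;
        if (primitiveCloneChecked(bitmap, bitmapBytes, &copy) != PRIM_OK) break;
        ok++;
    }
    return ok;
}
```

With a 1000-byte bitmap in the 4096-byte arena, three clones fit, the third one trips the low-space flag, and the fourth fails the primitive instead of running 904 bytes past the arena.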

Notes
(0001490)
tim   
05-15-05 06:29   
primitiveClone cleaned up. primitiveClipboard ditto. At least they won't calmly blow the VM away anymore.

VMMaker updated for 3.8
(0001493)
tim   
05-16-05 19:59   
in VMMaker 3.8 release due soon
(0001594)
tim   
06-07-05 21:01   
Changes added to VMMaker codebase. No further action needed.