How programming in C got me in trouble with the law

S

stonemcstone

I've been programming in C for years, and never experienced troubles
until I started using the new RealC-32, a freeware C compiler from the
same company that makes RealPlayer and Quicktime. That's when the
trouble started. See, RealC-32 is like any other C compiler but with
one notable difference. Any time your code invokes undefined
behavior-- for example by dereferencing an uninitialized pointer--
rather than the usual segmentation fault, instead the program will chug
along as usual, but will silently start launching spam emails and
spyware from the computer.

It was only a matter of time before I accidentally forgot to initialize
a pointer before dereferencing it. Then, sure enough, in place of the
usual segfault, my computer started sending porn to every email account
on the 'net. Hours later, the feds busted down my door and I was
hauled off kicking and screaming.

At my trial I insisted I was not responsible for the spam, that it was
the fault of RealC-32. But a representative from the company pointed
out that they were completely in compliance with the C standard, which
allowed them free reign to do as they pleased with my computer once I
dereferenced that uninitialized pointer. The judge agreed that I was
merely using a RealC-32 extension to simplify the creation of the
spam-sending software, and that I was just as responsible for it as I
would be if I'd explicitly programmed it using, say, gcc. In the end I
was forced to succumb to their logic-- they were, afterall, quite
right.

EPILOGUE

Stone McStone continues to serve hard time in a federal "pound me in
the ass" prison. Hopefully he's learned his lesson about dereferencing
uninitialized pointers! RealC-32 has made millions of dollars by
selling adware contracts to small startup businesses. They are
currently negotiating with Diebold Inc. trying to win the contract to
provide the C compiler for Diebold's controversial e-voting machines.
 
F

Frederick Gotham

Stone McStone posted:
It was only a matter of time before I accidentally forgot to initialize
a pointer before dereferencing it.


I take it you're a novice... ? Truthfully, I can't remember the last time I
used an uninitialised pointer; I know when I was just learning about
pointers, that I made the usual beginner mistake of:

char *p;

p = 5;

, but that was because I lacked an understanding of what a pointer is.
 
S

stonemcstone

Frederick said:
Stone McStone posted:



I take it you're a novice... ? Truthfully, I can't remember the last time I
used an uninitialised pointer; I know when I was just learning about
pointers, that I made the usual beginner mistake of:

char *p;

p = 5;

, but that was because I lacked an understanding of what a pointer is.

Alas, I am indeed a novice. If only I had your genius- dare I say,
youre almost DIVINE genius- I would not be held in federal prison
today. There isn't a day that goes by when I don't think about that
dereferenced pointer and all the chaos and destruction it has caused.
Everything... ruined. Darkness. Death comes. All is lost.
 
F

Frederick Gotham

Stone McStone posted:
Alas, I am indeed a novice. If only I had your genius- dare I say,
youre almost DIVINE genius-


I might have above-average intelligence, but I'm no genius.

I would not be held in federal prison today. There isn't a day that
goes by when I don't think about that dereferenced pointer and all the
chaos and destruction it has caused. Everything... ruined. Darkness.
Death comes. All is lost.


Ah well, either:

(1) Try not to write code whose behaviour is undefined.
(2) Get a compiler which will deal gracefully with your undefined behaviour.
 
S

Spiros Bousbouras

Alas, I am indeed a novice. If only I had your genius- dare I say,
youre almost DIVINE genius- I would not be held in federal prison
today. There isn't a day that goes by when I don't think about that
dereferenced pointer and all the chaos and destruction it has caused.
Everything... ruined. Darkness. Death comes. All is lost.

My theories in random order:

1) Troll.
2) Someone very bored who decided to post random
stuff on a group.
3) Someone who wants to tarnish the reputation of a
certain company mentioned in the opening post.
 
F

Frederick Gotham

Spiros Bousbouras posted:
My theories in random order:

1) Troll.
2) Someone very bored who decided to post random
stuff on a group.
3) Someone who wants to tarnish the reputation of a
certain company mentioned in the opening post.


Ah yes, I realise this. I found the original post interesting nonetheless.
 
R

Richard Heathfield

Frederick Gotham said:
Stone McStone posted:



I might have above-average intelligence, but I'm no genius.

Precisely the same description applies to a basset hound.

He's ***sending you up***. Don't you see that? YHBT!

If you're really of above-average intelligence, you'll know when to fold.
 
F

Frederick Gotham

Richard Heathfield posted:
Frederick Gotham said:


Precisely the same description applies to a basset hound.

He's ***sending you up***. Don't you see that? YHBT!

If you're really of above-average intelligence, you'll know when to fold.


I'm aware of the nature of this thread, although I though it had an
interesting point: Where the Standard specifies that the behaviour is
undefined, the implementation is free to do whatever it likes -- including
running Spyware. ;) The "nose demons" expression has run its course!
 
S

Spiros Bousbouras

Frederick said:
I'm aware of the nature of this thread, although I though it had an
interesting point: Where the Standard specifies that the behaviour is
undefined, the implementation is free to do whatever it likes -- including
running Spyware. ;)

I think this needs some clarification , in particular the "free
to do" part. As far as being logically consistent with the C
standard goes then it is true that the implementation is free
to run spyware when encountering undefined behaviour and
still conform to the standard. However a person writing a
C compiler operates in the real world so he/she is restricted
by rules in addition to what the C standard specifies. Most
relevant to the spyware possibility are the rules of good behaviour
and the laws of each country.

If I had reason to believe that a compiler might start running
spyware after encountering undefined behaviour I wouldn't
trust the compiler and therefore stop using it not because the
standard was violated (which it wasn't) but because the rules
of good behaviour as I understand them were violated. After
all if someone is perverted enough to create a compiler which
behaves in such a manner then they cannot be trusted even if
they say that their compiler is conforming ; it might run spyware
even when the programme does not contain undefined behaviour.
From a practical point of view I think that "undefined behaviour"
will almost always mean one of the following two things:

1) That the compiler will contain no special provisions to deal
with the case so the output will essentially be random. As such
I would expect that the probability of erasing the whole hard disk
is vanishingly small and running spyware practically impossible.
The probability that the compiler has a bug so the behaviour would
be random even when encountering correct code is larger , I think ,
that the probability of any of the above two events happening.

2) That the compiler does contain some special provision as
part of a joke. The obvious example is some version of gcc which
ran Towers of Hanoi when encountering the pragma directive (which
was implementation defined rather than undefined).


The reason I wrote all the above is because I feel that when the
subject of undefined behaviour comes up on this group, it is dealt
with in a somewhat idealistic manner ie if the behaviour is defined
then you are certain what is going to happen but if it is undefined
then anything goes. My point is that realistically speaking if the
behaviour is defined by the standard you are still not certain because
the compiler might have bugs and if it is undefined it is still the
case
that some things which are permitted by the natural laws can not
be expeted to happen.
 
K

Keith Thompson

Spiros Bousbouras said:
From a practical point of view I think that "undefined behaviour"
will almost always mean one of the following two things:

1) That the compiler will contain no special provisions to deal
with the case so the output will essentially be random. As such
I would expect that the probability of erasing the whole hard disk
is vanishingly small and running spyware practically impossible.
The probability that the compiler has a bug so the behaviour would
be random even when encountering correct code is larger , I think ,
that the probability of any of the above two events happening.

2) That the compiler does contain some special provision as
part of a joke. The obvious example is some version of gcc which
ran Towers of Hanoi when encountering the pragma directive (which
was implementation defined rather than undefined).

(It was nethack, not Towers of Hanoi.)

Undefined behavior isn't random, it's arbitrary. This is an important
distinction; the word "random" has a specific mathematical meaning,
and using it in this context can raise unrealistic expectations.

Even if the behavior in the presence of, say, a buffer overflow is
purely accidental, if there's code on the system that will reformat
your hard drive, it's conceivable that a misbehaving program could
accidentally branch to that code.

But the results of undefined behavior aren't always purely accidental.
Viruses and other malware typically work by *deliberately* exploiting
buffer overflows. And if it were physically possible for a computer
system to make demons fly out of your nose, you can be that some virus
writer would make it do so.
 
S

Spiros Bousbouras

Keith said:
(It was nethack, not Towers of Hanoi.)

It was more than one programmes including Towers of
Hanoi. See http://www.abelsson.com/?page=expertcprogramming
Undefined behavior isn't random, it's arbitrary. This is an important
distinction; the word "random" has a specific mathematical meaning,
and using it in this context can raise unrealistic expectations.

I don't think that the word random on its own has a specific
mathematical
meaning. Things like "random variable" have a specific mathematical
meaning.
I believe that in the context that I used it random has the same
meaning
as one of the meanings of arbitrary and there is less chance that it
will create
the wrong impression.
Even if the behavior in the presence of, say, a buffer overflow is
purely accidental, if there's code on the system that will reformat
your hard drive, it's conceivable that a misbehaving program could
accidentally branch to that code.

Yes , it's conceivable. Just very unlikely especially with the
protections
of modern operating systems. And I would say that a compiler bug
is at least as likely to have the same effect on a correct programme.
But the results of undefined behavior aren't always purely accidental.
Viruses and other malware typically work by *deliberately* exploiting
buffer overflows. And if it were physically possible for a computer
system to make demons fly out of your nose, you can be that some virus
writer would make it do so.

Indeed but in such a scenario the behaviour isn't undefined
anymore. The virus writer has made it defined (to suit their
own purposes).
 
K

Keith Thompson

Spiros Bousbouras said:
Keith Thompson wrote: [...]
(It was nethack, not Towers of Hanoi.)

It was more than one programmes including Towers of
Hanoi. See http://www.abelsson.com/?page=expertcprogramming

You're right, I had forgotten that detail.
I don't think that the word random on its own has a specific
mathematical meaning. Things like "random variable" have a specific
mathematical meaning. I believe that in the context that I used it
random has the same meaning as one of the meanings of arbitrary and
there is less chance that it will create the wrong impression.

Hmm. Perhaps, but for me the word "random" carries with it an
implication that the possible outcomes are determined by some
consistent probability distribution. In fact, the outcome is
determined by Murphy's Law -- or at least it's safest to think of it
that way.
Yes , it's conceivable. Just very unlikely especially with the
protections of modern operating systems. And I would say that a
compiler bug is at least as likely to have the same effect on a
correct programme.

If there's an available library routine that can reformat a disk, and
if your program is running with sufficient privileges to invoke that
routine (which is plausible on some systems), then there's a risk that
it could happen accidentally.
Indeed but in such a scenario the behaviour isn't undefined
anymore. The virus writer has made it defined (to suit their
own purposes).

No, the behavior is still undefined as far as the C standard is
concerned. The point is that, in some cases, the outcome can be
determined not by random chance, or even by applied Murphology, but by
conscious malice.
 
?

=?ISO-8859-1?Q?=22Nils_O=2E_Sel=E5sdal=22?=

I've been programming in C for years, and never experienced troubles
>until I started using the new RealC-32, a
[lots-of-more-bull-shit]

Are you ok ? Should we call a doctor ?
 
K

Kenneth Brody

Spiros Bousbouras wrote:
[...]
From a practical point of view I think that "undefined behaviour"
will almost always mean one of the following two things:

1) That the compiler will contain no special provisions to deal
with the case so the output will essentially be random. As such
I would expect that the probability of erasing the whole hard disk
is vanishingly small and running spyware practically impossible.
The probability that the compiler has a bug so the behaviour would
be random even when encountering correct code is larger , I think ,
that the probability of any of the above two events happening.

You've never run on a system with memory-mapped I/O, have you? A
simple strcpy() or memmove() with in an uninitialized pointer is
enough to start very nasty things happening.

Ditto for platforms without some hardware memory protection, such
as an x86 "real mode" platform. Overwrite the wrong memory, and
the O/S may start scribbling all over the drive.
2) That the compiler does contain some special provision as
part of a joke. The obvious example is some version of gcc which
ran Towers of Hanoi when encountering the pragma directive (which
was implementation defined rather than undefined).

While it's true that it's not likely that a compiler writer has gone
out of his way to explicitly program some behavior for UB situations,
the fact is that one doesn't have to "go out of the way" to do so.
And your gcc example proves that they sometimes do explicitly write
such things. (Though any "good" compiler writer is probably good
enough to do something humorous like a Tower of Hanoi program, rather
than malicious like spyware.)

[...]

--
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody | www.hvcomputer.com | #include |
| kenbrody/at\spamcop.net | www.fptech.com | <std_disclaimer.h> |
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:[email protected]>
 
K

Kenneth Brody

Keith Thompson wrote:
[...]
Even if the behavior in the presence of, say, a buffer overflow is
purely accidental, if there's code on the system that will reformat
your hard drive, it's conceivable that a misbehaving program could
accidentally branch to that code.

As I recall, old hard drive I/O cards for the IBM-PC market often had
low-level format code in the BIOS. Jump to the right address, and the
magnetic flux that was once your data was just a memory.

[...]

--
+-------------------------+--------------------+-----------------------+
| Kenneth J. Brody | www.hvcomputer.com | #include |
| kenbrody/at\spamcop.net | www.fptech.com | <std_disclaimer.h> |
+-------------------------+--------------------+-----------------------+
Don't e-mail me at: <mailto:[email protected]>
 
R

Richard Heathfield

Keith Thompson said:

Even if the behavior in the presence of, say, a buffer overflow is
purely accidental, if there's code on the system that will reformat
your hard drive, it's conceivable that a misbehaving program could
accidentally branch to that code.

In Liverpool, late 1989, this very nearly happened (on the machine *next* to
mine!) when the programmer forgot that you need one byte for a string's
null terminator. The branch was to the part of MS-DOS that said something
along the lines of "Formatting drive C: will trash the disk - continue
(Y/N)?" - not that exact wording, obviously, but it was clearly a "near
miss".

And in - er, either 1990 or 1991, the chap across the desk from me made
precisely the same error, and trashed his machine's CMOS. Fortunately,
Compaq had provided us with diagnostic diskettes which allowed us to boot
the machine and correct the problem.

"Nasal demons" *do* happen, people. It's just that they don't always wear
red jumpsuits.
 
P

pete

I've been programming in C for years, and never experienced troubles
until I started using the new RealC-32, a freeware C compiler from the
same company that makes RealPlayer and Quicktime. That's when the
trouble started. See, RealC-32 is like any other C compiler but with
one notable difference. Any time your code invokes undefined
behavior-- for example by dereferencing an uninitialized pointer--
rather than the usual segmentation fault,
instead the program will chug
along as usual, but will silently start launching spam emails and
spyware from the computer.

It was only a matter of time
before I accidentally forgot to initialize
a pointer before dereferencing it.

OK ..., I understand the humor, but it's not making me laugh.
It needs work.

Here's a polished bit of humor on the "do my homework" topic.
This is easily two full orders of magnitude funnier.

http://groups.google.com/group/comp.lang.c/msg/e181c58037083416
 
S

Simon Biber

Frederick said:
I've been programming in C for years, and never experienced troubles
until I started using the new RealC-32, a freeware C compiler from the
same company that makes RealPlayer and Quicktime.

Spiros said:
My theories in random order:

1) Troll.
2) Someone very bored who decided to post random
stuff on a group.
3) Someone who wants to tarnish the reputation of a
certain company mentioned in the opening post.

1) Troll or joke, take your pick.
2) What? Bored? Isn't everyone on this group?
3) It's not very certain which company, given that RealPlayer and
Quicktime are made by two separate companies (RealNetworks and Apple).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top