Most OSes protect the null pointer, and in practice this means that address 0x0000 (the first page) of each VAS (Virtual Address Space) is never allocated and is always not-present, so any access to it can be detected.
Are there any other safety measures you employ or can think of that would help with pointer safety?
- A few things that come to mind:
- Some/many OSes fill memory with an easily recognizable pattern (0xCCCCCC, 0xCAFEBABE, etc.) that helps with debugging and may help analysis tools
- Filling the first physical memory page with "magic" data so that if it ever gets assigned it would either guarantee or at least increase the probability of a crash. I haven't really had a chance to think it through as to whether it's actually useful and what the "magic" data should be exactly:
  - I'm not really sure if this is a valid concern; the only thing that comes to mind would be a kind of null pointer in the PMM/VMM that would cause the first physical memory page to ever be mapped
  - It needs to be "magic" as both data and code, which makes things a bit more tricky
  - If it's a data access to 0x0 then it may be a 1-, 2-, 4- or more-byte access, which might make the "magic" even trickier
  - If it's a data or code access and it's not to 0x0 but somewhere else in the first page, then that might also be worth catching
- Reserving the whole first 1MiB of VAS: I would guess that lower numbers are somewhat more likely than random values, so this might protect when a "normal" variable is accidentally cast to a pointer; again, not really sure if it's actually useful
- I've also sometimes thought about automatically growing the stack/heap (demand paging whatever the app happens to use); while it might improve performance a little in some cases, I think I'd rather prefer the explicitness of brk/mmap and get the security/stability instead
The "magic first physical page" is a kind of recursion in the concept of the normal virtual address null pointer, anyone got any ideas on how to take that further (if it's possible)?
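As an added example (not code from the post above or from any OS it refers to), here is a user-space C model of two of the ideas discussed: a VAS mapper that refuses to map anything below a reserved low 1 MiB, and a "magic" fill for the first physical page that is checked for the "magic as code" and "magic as data" properties on x86-64. The page-table bitmap, `vas_map`/`vas_is_mapped`, the sizes (`PAGE_SIZE`, `NULL_GUARD_BYTES`, the 16 MiB toy VAS) and the choice of `0xCC` as the fill byte are all assumptions made for illustration, not any kernel's real interface. The fill byte is chosen because `0xCC` is the one-byte x86 `int3` opcode (so execution traps at any offset into the page) and because eight `0xCC` bytes read as a pointer form a non-canonical 64-bit address (so a dereference raises #GP on real hardware); 1- and 2-byte reads (`0xCC`, `0xCCCC`) point into the reserved low region, while the 4-byte value `0xCCCCCCCC` is a perfectly mappable user address on x86-64, which is exactly the "trickier" multi-width case the post raises, so the model does not claim it.

```c
/* Added example: null-guard region plus a poisoned "physical page 0".
 * All names and sizes here are assumptions for illustration, not an OS API. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE        4096u
#define NULL_GUARD_BYTES (1u << 20)          /* reserve the low 1 MiB of every VAS */
#define VAS_BYTES        (16u << 20)         /* toy 16 MiB virtual address space */
#define VAS_PAGES        (VAS_BYTES / PAGE_SIZE)
#define POISON_BYTE      0xCCu               /* x86 int3: single-byte trapping opcode */

static uint8_t vas_bitmap[VAS_PAGES / 8];    /* one bit per virtual page, 1 = mapped */

/* True if the page containing vaddr is mapped in the toy VAS. */
bool vas_is_mapped(uint64_t vaddr)
{
    uint64_t pfn = vaddr / PAGE_SIZE;
    if (pfn >= VAS_PAGES) return false;
    return (vas_bitmap[pfn / 8] >> (pfn % 8)) & 1u;
}

/* Map one page. Refuses unaligned addresses, anything inside the null-guard
 * region, and anything outside the toy VAS. */
bool vas_map(uint64_t vaddr)
{
    if (vaddr % PAGE_SIZE != 0) return false;
    if (vaddr < NULL_GUARD_BYTES) return false;   /* NULL, NULL->field, small ints */
    uint64_t pfn = vaddr / PAGE_SIZE;
    if (pfn >= VAS_PAGES) return false;
    vas_bitmap[pfn / 8] |= (uint8_t)(1u << (pfn % 8));
    return true;
}

/* In this model an access faults iff its page is not mapped. */
bool access_faults(uint64_t vaddr) { return !vas_is_mapped(vaddr); }

/* x86-64 48-bit canonical check: bits 63..47 must all be equal. */
bool is_canonical48(uint64_t va)
{
    uint64_t top = va >> 47;
    return top == 0 || top == 0x1FFFFu;
}

/* Fill a page with the poison byte (stand-in for poisoning physical page 0). */
void poison_page(uint8_t *page) { memset(page, POISON_BYTE, PAGE_SIZE); }

/* "Magic as code": every byte is int3, so a jump to ANY offset traps. */
bool poison_traps_as_code(const uint8_t *page)
{
    for (unsigned i = 0; i < PAGE_SIZE; i++)
        if (page[i] != POISON_BYTE) return false;
    return true;
}

/* "Magic as data", 8-byte loads: any aligned or unaligned 64-bit read from the
 * page is 0xCCCCCCCCCCCCCCCC, which is non-canonical, so using it as a
 * pointer raises #GP on x86-64 regardless of what is mapped. */
bool poison_wide_loads_noncanonical(const uint8_t *page)
{
    for (unsigned off = 0; off + 8 <= PAGE_SIZE; off++) {
        uint64_t v; memcpy(&v, page + off, sizeof v);
        if (is_canonical48(v)) return false;
    }
    return true;
}

/* "Magic as data", 1- and 2-byte loads: 0xCC and 0xCCCC zero-extend to
 * addresses inside the reserved low 1 MiB, which vas_map never maps.
 * (A 4-byte load, 0xCCCCCCCC, is NOT covered: it is a mappable user address.) */
bool poison_small_loads_fault(const uint8_t *page)
{
    for (unsigned off = 0; off + 2 <= PAGE_SIZE; off++) {
        uint16_t v2; memcpy(&v2, page + off, sizeof v2);
        if (!access_faults(page[off]) || !access_faults(v2)) return false;
    }
    return true;
}

/* Exercise the guard region and all three poison properties together. */
bool demo_null_guard_and_poison(void)
{
    static uint8_t phys_page0[PAGE_SIZE];   /* stand-in for physical page 0 */
    poison_page(phys_page0);
    return !vas_map(0)                                  /* null page never mappable */
        && !vas_map(NULL_GUARD_BYTES - PAGE_SIZE)       /* last page of the guard */
        && vas_map(NULL_GUARD_BYTES)                    /* first page above it is fine */
        && access_faults(0x10)                          /* typical NULL->field access */
        && poison_traps_as_code(phys_page0)
        && poison_wide_loads_noncanonical(phys_page0)
        && poison_small_loads_fault(phys_page0);
}

int main(void)
{
    printf("%s\n", demo_null_guard_and_poison() ? "all checks hold" : "a check failed");
    return 0;
}
```

The model deliberately leaves the 4-byte case out of its guarantee rather than hiding it: on a 32-bit kernel the same 0xCC fill would at least land in high (kernel) space, but on x86-64 a zero-extended 0xCCCCCCCC is user-mappable, so a fill byte cannot be "magic" for every access width at once without also controlling what the VMM is willing to map there.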