Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"

Re^4: [OT] Stats problem

by BrowserUk (Pope)
on Feb 27, 2015 at 12:04 UTC ( #1118067=note: print w/replies, xml ) Need Help??

in reply to Re^3: [OT] Stats problem
in thread [OT] Stats problem

non-periodic function that can be easily created and checked?

Any time you squeeze a 64-bit value (address) into a 32-bit pot, you are going to get repeats.

The good thing with using the offset directly is that you know that the repeats are always going to be 4 billion bytes apart. And thus only occur if the program uses more than 4GB of heap; and on my 8GB only occur twice. (Not strictly true if I allowed my machine to go into swapping!)

With any non-periodic function, the repeats will (must) still occur, the only difference is that the spacing will vary, and be less. It could even put then in adjacent memory slots; or certainly a lot closer together.

Intuitively -- though as I observed elsewhere, there is nothing much that is intuitive about this -- the danger of the copy-over problem seems more likely the closer together they are.

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority". I'm with torvalds on this
In the absence of evidence, opinion is indistinguishable from prejudice. Agile (and TDD) debunked

Replies are listed 'Best First'.
Re^5: [OT] Stats problem
by QM (Parson) on Feb 27, 2015 at 13:32 UTC
    Yes, yes, all valid points. I was just trying to remove one more weakness, which is the 4GB offsets matching.

    Consider that anything that hits the 4GB+x weakness will be undetectable, regardless of the length of the overrun. (OK, within reason, as a long enough overrun will surely break something else.)

    Under an MD5 hash scheme, the chances of a 32bit slot being overwritten with the correct magic data is 1/4G, the same as with the offset method. But for the offset method, if the from/to addresses are 4GB apart, a run will generate the correct data, regardless of the length of run. For MD5 hash, the probabilities are independent, even for a malloc overrun as in the example, because consecutive hash values are not dependent on the neighboring hash values in any simple way.

    Still, 1/4G is quite small.

    Quantum Mechanics: The dreams stuff is made of

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1118067]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2020-05-31 17:20 GMT
Find Nodes?
    Voting Booth?
    If programming languages were movie genres, Perl would be:

    Results (175 votes). Check out past polls.