ALGOL W Programming Language

Added on - 16 Sep 2019

  • 4

    pages

  • 1387

    words

  • 112

    views

  • 0

    downloads

Showing pages 1 to 2 of 4 pages
Answer 1Tony Hoare, who invented null references in ALGOL W programming language, in 1965 refersto it as a "historically bad idea", a "billion-dollar mistake". The impetus for him to introduce thisfeature was a typical programmer tendency to incorporate a new unrequested feature in theproduct he is working on, just because it is easy to implement.Now, let us explore how null references can cause complexities and create insecure code, withreference to C and C++.(1)Complexity increases becauseanyobject can in theory be null, and throw an exception whenit is used. This results in the code being a collection of bombs which could explode any time.Now, to mitigate this, checks have to introduced at every step which ensure that the object weare dealing with is not null, and only then we proceed with accessing its members or properties.Code example:...stream = open_memstream(&buf, &size);if (stream == NULL) { // checking error/* handle error */};fprintf(stream, "hello");...(2)Security concerns are introduced as NULL being a value that denotes no value, it is able tobypass compile-time checks of compiler.Code example:char c = 'A';char *myChar = 0; // instead of &cstd::cout << *myChar << std::endl; // results in runtime error(3)Security is compromised as because of null reference, strings are identified by their beingterminated by null character. There is nothing stopping a programmer from accessing memoryoutside the bounds of the string. This opens up security as anything can be read or written to anymemory location.Code example:char myText = "Hello";myText[10] = 'c'; // writing on unauthorized out-of-bound memory location
(4)Security is further compromised when NULL is considered with freeing memory. Now, whenmemory is attempted to be freed from a location which has already been freed, undefinedbehavior occurs and the system behaves in an unexpected manner.Code example:free(x); // this is wrong/* code using x */free(x);Now, there are conventions and best-practices that train programmers to work around theseloopholes, but the fact is that they do exist, and they all stem from the one decision to includenull references.Answer 2Rust has been developed to be a more secure language than contemporary languages which focuson programs being able to be embedded in other languages, with specific space and timerequirements, and writing low-level code, like device drivers and operating systems. It intendsto be more secure by introducing a number of compile-time safety checks which have zeroruntime overhead, and also eliminates data races.Memory safety is guaranteed in Rust by taking away all control of managing memory away fromthe user and giving it back to the programming language. While this not only reduces the burdenon programmers, it ensures a whole class of security loopholes are eliminated. The programmerdoes not do any pointer arithmetic or managing memory (no 'free' is required to deallocatememory in Rust). When an entity goes out of scope, the memory allocated to it is reclaimed.Also, the concept of ownership ensures that at any given time, only one entity has access to amemory location and this eliminates races, and contributes to memory safety.Code example in Rust:let text = "hello world";println!("Exists {:?}", text);println!("Does not exist {:?}", text_no_binding); // will result in compile-time error as variable has not been boundCode example in C:int x;printf("%d", x); // indeterminate, undefined behavior will result
desklib-logo
You’re reading a preview
card-image

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Unlock This Document