[nsp] RED_ZONE Limit?

Eric Osborne eosborne at cisco.com
Wed Jan 21 23:53:12 EST 2004


...
 
> > crude pseudo-code:
> > 
> > do_until_whatever
> > 	var out-of-bounds int
> > 	set out-of-bounds = 0
> > 	var overrun boolean
> > 	set overrun false
> > 	set out-of-bounds=diff(buffer-len - data-len)
> > 	if out-of-bounds .le. 0	set overrun true
> > 	if overrun call overrun-handler
> > end_if
> > 
> > how hard is that?
> 
> to be fair, CatOS has more than 9 lines and 1 buffer :)
> 

Right; if we did do_until_whatever for *every write to memory*, how
bad would that suck?  Any reasonable computer scientist will tell you
you can't check for every possible error condition with every action
every time in anything close to a real-time system.  There are
certainly things one can do to limit stuff like buffer overruns (and
we really do do them - despite what some may think, we really do
occasionally hire a systems programmer who might understand something
about how to write C), but what you propose above doesn't scale.

Never mind questions like "how do you know your sanity check is itself
sane?"  This is one reason sanity checkers are Hard - not Impossible,
but certainly not trivial.




eric

> Steve
> 
> > 
> > ~v/r
> > Del Hudson
> > 61CS/SCBN - LAAFB NCC
> > Network Architecture & Engineering Group
> > delbert.hudson at losangeles.af.mil
> > 
> > 
> > 
> > -----Original Message-----
> > From: Tomas Daniska [mailto:tomas at tronet.com]
> > Sent: Wednesday, January 21, 2004 7:22 AM
> > To: Church, Chuck; Pete Templin; Dariusz Sznajder
> > Cc: cisco-nsp at puck.nether.net
> > Subject: RE: [nsp] RED_ZONE Limit?
> > 
> > 
> > red zone is an intentionally unused memory space (boundary) between
> > allocated memory blocks, initialized with a well-known value. if the code
> > somehow manages to overflow the buffer there is a large probability that
> > also the redzone will be overwritten
> > 
> > memory manager processes periodically scan all redzones for proper values.
> > should they find a discrepancy, that usually denotes a buffer overflow error,
> > in this case in the packet processing code
> > 
> > --
> > 
> > deejay  
> > 
> > > -----Original Message-----
> > > From: Church, Chuck [mailto:cchurch at wamnetgov.com] 
> > > Sent: 21. januára 2004 15:35
> > > To: Pete Templin; Dariusz Sznajder
> > > Cc: cisco-nsp at puck.nether.net
> > > Subject: RE: [nsp] RED_ZONE Limit?
> > > 
> > > Was the 1010 sitting inside the 20 yard line?  :)   Seriously 
> > > though, I didn't find anything on google either.  Real strange...
> > > 
> > > Chuck Church
> > > CCIE #8776, MCNE, MCSE
> > > Wam!Net Government Services
> > > 13665 Dulles Technology Dr. Ste 250
> > > Herndon, VA 20171
> > > Office: 703-480-2569
> > > Cell: 703-819-3495
> > > cchurch at wamnetgov.com
> > > PGP key: 
> > > http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40wamnetgov.com
> > > 
> > > > -----Original Message-----
> > > > From: Pete Templin [mailto:petelists at templin.org]
> > > > Sent: Wednesday, January 21, 2004 8:10 AM
> > > > To: Dariusz Sznajder
> > > > Cc: cisco-nsp at puck.nether.net
> > > > Subject: Re: [nsp] RED_ZONE Limit?
> > > > 
> > > > 
> > > > Shoulda used Old Spice deodorant?
> > > > 
> > > > Dunno.
> > > > 
> > > > Dariusz Sznajder wrote:
> > > > > Hi,
> > > > > 
> > > > > What does this message mean:
> > > > >  %AAL5-3-INTERNAL_ERROR:  aal5send: Pkt Buffer Exceeds RED_ZONE Limit
> > > > > from LightStream 1010 ATM Switch?
> > > > > 
> > > > > Cisco Search asked about RED_ZONE: No documents were found. :-(
> > > > > 
> > > > _______________________________________________
> > > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > > > 
> > > 
> 
> 
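
Added example (not part of the original thread, and not Cisco's implementation): the red-zone scheme from the quoted explanation, written in C. A guard region filled with a well-known value follows each block, and a scan run outside the write path finds the damage after the fact instead of checking every write. RZ_LEN, RZ_FILL, MAX_BLKS and all function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RZ_LEN   16     /* guard bytes after each block (assumed size) */
#define RZ_FILL  0xA5   /* well-known fill value (assumed) */
#define MAX_BLKS 32

struct blk { uint8_t *base; size_t len; };
static struct blk table[MAX_BLKS];
static size_t nblks;

/* Allocate len usable bytes followed by a red zone of RZ_LEN fill bytes. */
void *rz_alloc(size_t len) {
    if (nblks == MAX_BLKS || len > SIZE_MAX - RZ_LEN) return NULL;
    uint8_t *p = malloc(len + RZ_LEN);
    if (!p) return NULL;
    memset(p + len, RZ_FILL, RZ_LEN);
    table[nblks].base = p;
    table[nblks].len = len;
    nblks++;
    return p;
}

/* Periodic scan: index of the first block with a damaged red zone, or -1. */
int rz_scan(void) {
    for (size_t i = 0; i < nblks; i++)
        for (size_t j = 0; j < RZ_LEN; j++)
            if (table[i].base[table[i].len + j] != RZ_FILL) return (int)i;
    return -1;
}

/* Constructed demo: one exact-fit copy, then a copy with an unchecked length. */
int rz_demo(void) {
    uint8_t pkt[72];               /* constructed sample "packet" */
    memset(pkt, 0x41, sizeof pkt);
    uint8_t *a = rz_alloc(64), *b = rz_alloc(64);
    if (!a || !b) return -2;
    memcpy(a, pkt, 64);            /* exact fit: red zone untouched */
    if (rz_scan() != -1) return -3;
    memcpy(b, pkt, 72);            /* 8 bytes land in b's red zone */
    return rz_scan();              /* scan reports block 1 */
}

int main(void) {
    printf("damaged block: %d\n", rz_demo());
    return 0;
}
```

The scan only reports corruption after it has happened, and an overrun that happens to write RZ_FILL goes unnoticed, which matches the "large probability" wording in the quoted explanation.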

