Dereferencing NULL pointers
John Gilmore
gnu at sun.UUCP
Sat Nov 26 11:08:16 AEST 1983
With a memory map which separates supervisor and user address spaces
(or a 68010, using the Vector Base Register), it is possible to make a
68000 version of Unix which allows full user access to page 0.
There is another possibility, which was reportedly used in early
releases of Xenix for the 68000 -- make page zero readable by the user
even though they can't write it. If you put a zero in RAM location 0
(OK since the only time the 68000 uses it is after a RESET, when it's
probably fetching from PROM instead of RAM), it makes most buggy Vax
programs work, since they mostly assume that a zero pointer points to a
zero (eg, a null character). Microsoft reportedly did this because
they didn't have time in the early releases to fix all the *0 bugs in
all the user programs; they have presumably fixed the user programs
since then.
Sun Unix 1.0 puts the kernel in a separate address space, but, to catch
bugs, does not make page zero of the user address space accessible.
More information about the Comp.unix.wizards
mailing list