From: anton@mips.complang.tuwien.ac.at   
      
   Krishna Myneni writes:   
   >Does this mean Gforth is   
   >immune to arbitrary code execution attacks for the fp and data stack   
   >overflow and underflow conditions?   
      
   Technically, one might answer "yes", but there are stack depth   
   violations that don't result in a stack overflow or underflow, and   
   that can lead to arbitrary code execution in Gforth. A simple example   
   is:   
      
   : bla ." bla" ;   
      
   : foo >r ;   
      
   ' bla >body foo \ prints "bla"   
      
   Essentially, there are far too few guardrails in Gforth for the guard   
   pages to provide significant safety. For Gforth they are just a   
   convenience feature.   
      
   However, the idea of Safe Forth is to eliminate all these other ways   
   towards arbitrary code execution, and in Safe Forth the guard pages   
   will close the hole that stack overflows and underflows would   
   otherwise leave open.   
      
   Note that guard pages require OS support; Gforth uses the mprotect()   
   system call (of modern (since ~1990) Unix systems) for that.   
      
   - anton   
   --   
   M. Anton Ertl http://www.complang.tuwien.ac.at/anton/home.html   
   comp.lang.forth FAQs: http://www.complang.tuwien.ac.at/forth/faq/toc.html   
    New standard: https://forth-standard.org/   
    EuroForth 2023: https://euro.theforth.net/2023   
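
The guard-page mechanism mentioned in the post, as an added C example that is not part of the original message and is not Gforth's code: a stack region is mapped with an inaccessible page on each side via mprotect(), and an unchecked store that runs off either end traps instead of corrupting adjacent memory. The names gstack, gstack_init and gstack_store are hypothetical; a POSIX system with mmap() and mprotect() is assumed.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical stack region: usable cells between two PROT_NONE guard pages. */
typedef struct { char *map; size_t len; long *lo, *hi; } gstack;

static sigjmp_buf trap_env;
static void on_fault(int sig) { (void)sig; siglongjmp(trap_env, 1); }

/* Map [guard | usable pages | guard]; returns 0 on success, -1 on failure. */
int gstack_init(gstack *s, size_t usable_pages) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    s->len = (usable_pages + 2) * page;
    s->map = mmap(NULL, s->len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (s->map == MAP_FAILED) return -1;
    /* Revoke all access to the first and last page of the mapping. */
    if (mprotect(s->map, page, PROT_NONE) != 0 ||
        mprotect(s->map + s->len - page, page, PROT_NONE) != 0) return -1;
    s->lo = (long *)(s->map + page);           /* first usable cell */
    s->hi = (long *)(s->map + s->len - page);  /* one past the last usable cell */
    return 0;
}

/* Store v at cell index idx (relative to lo) with no bounds check, the way an
   unchecked push would. Returns 0 if stored, 1 if a guard page trapped it. */
int gstack_store(gstack *s, long idx, long v) {
    struct sigaction sa = {0}, old_segv, old_bus;
    volatile int trapped = 1;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);   /* some systems report SIGBUS instead */
    if (sigsetjmp(trap_env, 1) == 0) {
        ((volatile long *)s->lo)[idx] = v;     /* faults if idx hits a guard */
        trapped = 0;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return trapped;
}

int main(void) {
    gstack s;
    if (gstack_init(&s, 1) != 0) return 2;
    return !(gstack_store(&s, 0, 42) == 0 && gstack_store(&s, -1, 7) == 1);
}
```

The trap only fires for accesses that land inside a guard page; an index large enough to skip past the guard reaches whatever is mapped beyond it.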
      