Can Strings be passed to Subs BYVAL?
#1
Time for the second question of the night....

Can strings be passed ByVal? If not why? Are they a form of array? Or am I just messing something up?

Randy
Reply
#2
Only on prototypes, the STRING type is actually a descriptor in QB/VB/FB, BYVAL arg AS STRING tells VB/FB to pass the address to the string data, not to the descriptor.

Byval string arguments used in FB itself are on the todo list, but they are not as simple to add as it may seem, as they will work like an implicit pointer to a fixed-len string with an unknown length, when things start to become unpredictable.
Reply
#3
Why not just place a copy of the string on the stack and pass the descriptor to that? I think that is what VB does.
'Life is like a box of chocolates', hrm, WTF, no it isn't, more like, 'life is like a steaming pile of horse crap.'
Reply
#4
If you have:

Code:
declare sub foo( byval bar as string )

foo abc$

sub foo( byval bar as string )

end sub

Then the compiler (in the way it works) has no way to know if you were calling an API that needs the string data or an internal routine, that can process a copy of the string descriptor.
Reply
#5
Strings on the stack... isn't this what makes C vulnerable to buffer overflow exploits?
Antoni
Reply
#6
No, not checking when you reach the end of a string on the stack is what causes buffer overflow attacks.

i.e.: Pass a source compressed buffer and a too-small uncompressed buffer to a decompression routine, the newly compressed data will overwrite the return address ptr and anything else on the stack. As a result, the virus and return ptr hidden in the compressed buffer are jumped to and wreak havoc.

However, if the decompressor maintains a watch on when it reaches the end of the destination buffer, then it would stop decompressing and fail with a "not a large enough dest buffer" error. But, in the interest of speed, people *cough*microsoft*cough* don't do this security check, and thus we have patches every 10 seconds for security holes.
'Life is like a box of chocolates', hrm, WTF, no it isn't, more like, 'life is like a steaming pile of horse crap.'
Reply
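The destination-bounds check that post #6 describes, as an added example that is not part of the original thread: a C decompressor that stops with an error instead of writing past the end of the output buffer. The toy run-length format, the function name `rle_decompress` and the error codes are assumptions made up for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy format constructed for this example: a sequence of (count, byte) pairs. */
#define RLE_OK       0
#define RLE_ERR_DST -1   /* "not a large enough dest buffer" */
#define RLE_ERR_SRC -2   /* input ends in the middle of a pair */

int rle_decompress(const uint8_t *src, size_t src_len,
                   uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    size_t in = 0, out = 0;
    *out_len = 0;
    while (in < src_len) {
        if (src_len - in < 2)
            return RLE_ERR_SRC;
        size_t run = src[in];
        uint8_t value = src[in + 1];
        in += 2;
        /* The watch on the end of the destination: refuse the whole run
         * before writing any of it. out <= dst_cap always holds here, so
         * the subtraction cannot wrap around. */
        if (run > dst_cap - out)
            return RLE_ERR_DST;
        for (size_t i = 0; i < run; i++)
            dst[out++] = value;
        *out_len = out;   /* bytes written so far, valid even on later error */
    }
    return RLE_OK;
}

int main(void)
{
    /* Constructed sample input: 3 x 'A' then 5 x 'B', 8 bytes when expanded. */
    const uint8_t packed[] = { 3, 'A', 5, 'B' };
    uint8_t big[16], tiny[4];
    size_t n;

    int rc = rle_decompress(packed, sizeof packed, big, sizeof big, &n);
    printf("16-byte buffer: rc=%d, %zu bytes written\n", rc, n);

    /* A stack buffer that is too small: the second run is rejected. */
    rc = rle_decompress(packed, sizeof packed, tiny, sizeof tiny, &n);
    printf("4-byte buffer:  rc=%d, %zu bytes written\n", rc, n);
    return 0;
}
```

The check costs one comparison per run rather than one per byte, because the whole run is validated against the remaining capacity before the copy loop starts.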

