An observation about tail calls
(published 2011-10-09)
Go lacks proper tail calls: calls in tail positions grow the stack, at least in the standard implementation. This prevents the direct implementation of state machine as a collection of functions recursively calling each other. Surprisingly, the usual workaround, a mini-interpreter, makes it straightforward to execute the state machine incrementally, and not just to completion, without relying on additional language features such as coroutines.
A Hole in Ada Type Safety
(published 2011-04-30)
Ada aims to restrict unsafe language features which break type safety to a set of constructs which can be easily spotted in source case. Examples include unchecked deallocation, unchecked conversion and explicit address handling. This note shows that a combination of safe-looking language features can be used to undermine type safety, too.
First snow this winter
(published 2009-12-19)
It has fallen during last night.
Performance issues with Java finalizers
(published 2009-05-01)
It is surprisingly easy to outpace the Java garbage collector if lots of objects with finalizers are created, leading to spurious out-of-memory errors with lots of objects which could theoretically be reclaimed.
The Java/Firewall vulnerability
(published 2005-07-30 22:00)
The Java sandbox for applets and stateful firewalls interact in a surprising way. As a result, external hosts can initiate TCP connections to supposedly protected network services.
Discovering copies of zlib
(published 2005-07-12, updated 2005-07-24)
The generic zlib signatures were updated for version 1.2.3 of the library.
Algorithmic Complexity Attacks and the Linux Networking Code
(published 2003-05-17)
The Linux networking code makes extensive use of hash tables to implement caches to support packet classification. One of these caches, the routing cache, can be used to mount effective denial of service attacks, using an algorithmic complexity attack.