Given all the attention COBOL has gotten lately, I still haven’t seen any discussion of its characteristics that make it relatively “safe”, secure, and fast. These are; all memory is statically allocated, no dynamic memory allocation. No user defined functions and no stack. Of course I’m referring to the 85 standard here and later versions added these things but 85 is very common on mainframes (my understanding please correct if wrong).
These two things disallow entire classes of exploits and errors.
Edit to add, rather than put out these puff pieces, ibm needs to figure out how to get mainframe access for developers, only then will they see usage increase.
Those things also disallow entire classes of program. Good luck writing a webserver or game engine without heap allocation
While not addressing the comment of writing programs without heap allocation, a lot of programs can be compiled to execute using the only mov instructions: https://github.com/xoreaxeaxeax/movfuscator
Yes, it can run doom: https://github.com/xoreaxeaxeax/movfuscator/tree/master/vali...
It just doesn't run doom terribly fast.
ok, so how do you call malloc or syscalls with mov instructions? Do you just (assuming you turned on executable stack) use mov to write the corresponding non-mov instructions necessary to do those things to memory, then mov the address of these instructions to the ip register? im struggling a little here
Malloc isn't particularly more special than any libc function. It simply supports the fantasy that the memory is unlimited in scale. It was always of a static size, you were just handing off the chore of dividing it up. You can usefully implement dynamic sizing in languages with static memory allocation by pre-allocating large arrays and then maintaining handles and liveness flags. This is, in fact, how every console game used to do it until available memory sizes got into the hundreds of megabytes. Fragmentation and the subsequent crashes from OOM presented too much of a concern before then.