[langsec-discuss] Computational Power of Restricted Languages
Taylor Hornby
havoc at defuse.ca
Tue Nov 11 21:31:46 UTC 2014
Hi,
I'm doing a LangSec binge and noticing a frequent error in LangSec
material (papers, talks). I'm not sure if it's just an "abuse of
notation" or an actual error, so hopefully someone on this list can
explain what is actually meant. I'm new to LangSec, so please forgive me
if I'm missing something obvious.
Here's one example. Quoting the footnote on page 5 of "Security
Applications of Formal Language Theory"...
"...HTML5+CSS3 (shown to be UNDECIDABLE by virtue of its ability to
implement Rule 110)..."
The fact that HTML5+CSS3 can specify computation that is as powerful as
a Turing machine does not mean the language itself is undecidable or
even requires a Turing machine to decide.
For example, the Turing-complete language "brainfuck" is as powerful as
a Turing machine, but the language specifying a brainfuck program is
context-free.
Brainfuck -> OPS
OP -> > | < | + | - | . | ,
OPS -> OPS OP | OPS Loop
Loop -> '[' OPS ']'
Similarly, any reasonable encoding of a Turing machine is context-free.
Most generally, the set of all strings is a regular language, and
clearly you can encode Turing machines with that language! The fact that
a language is, say, regular, does not guarantee that its semantics are
not Turing-complete.
So: What is meant by this? Is it abuse of notation for "Not only should
your syntax be regular or context-free, but your semantics should be as
well?"
Another claim I'm skeptical of (for the same reason) is that having
a correct parser will make it less likely for input to trigger bugs that
are "behind" the parser. That's not true, because if you have a bug that
is not related to parsing, that bug can be exploited without assuming
anything about the parser, so changing the parser won't affect the
exploitability of that bug. Given that, LangSec seems to boil down to
"Don't write code when you can have it generated for you."
Thanks,
--
Taylor Hornby
Disclaimer: I'm wrong a lot of the time
More information about the langsec-discuss
mailing list