On Tuesday 14 September 2010 16:18:18 Søren Sandmann wrote: > From: Søren Sandmann Pedersen <s...@redhat.com> > > These variants of malloc() and free() try to surround the allocated > memory with protected pages so that out-of-bounds accessess will cause > a segmentation fault. > > If mprotect() and getpagesize() are not available, these functions are > simply equivalent to malloc() and free().
[...] > +void * > +fence_malloc (uint32_t len) > +{ > + unsigned long page_size = getpagesize(); > + unsigned long page_mask = page_size - 1; > + uint32_t n_payload_bytes = (len + page_mask) & ~page_mask; > + uint32_t n_bytes = > + (len + > + page_size * (N_LEADING_PROTECTED + N_TRAILING_PROTECTED + 2) + > + n_payload_bytes) & ~page_mask; > + uint8_t *initial_page; > + uint8_t *leading_protected; > + uint8_t *trailing_protected; > + uint8_t *payload; > + uint8_t *addr; > + > + addr = malloc (n_bytes); > + > + if (!addr) > + { > + printf ("malloc failed on %u %u\n", len, n_bytes); > + return NULL; > + } > + > + initial_page = (uint8_t *)(((unsigned long)addr + page_mask) & > ~page_mask); + leading_protected = initial_page + page_size; > + payload = leading_protected + N_LEADING_PROTECTED * page_size; > + trailing_protected = payload + n_payload_bytes; > + > + ((info_t *)initial_page)->addr = addr; > + ((info_t *)initial_page)->len = len; > + ((info_t *)initial_page)->trailing = trailing_protected; > + > + if (mprotect (leading_protected, N_LEADING_PROTECTED * page_size, > + PROT_NONE) == -1) There is the following warning in mprotect man page: "SVr4, POSIX.1-2001. POSIX says that the behavior of mprotect() is unspecified if it is applied to a region of memory that was not obtained via mmap(2)." Also I wonder if it makes sense to be able to configure whether to align allocated memory blocks at the lower or upper page boundary? -- Best regards, Siarhei Siamashka _______________________________________________ Pixman mailing list Pixman@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/pixman