On Thu, Nov 06, 2008 at 11:07:51AM -0500, Ted Unangst wrote:
> On Thu, Nov 6, 2008 at 7:32 AM, Otto Moerbeek <[EMAIL PROTECTED]> wrote:
> > CVSROOT: /cvs
> > Module name: src
> > Changes by: [EMAIL PROTECTED] 2008/11/06 05:32:45
> >
> > Modified files:
> > lib/libc/stdlib: malloc.c
> >
> > Log message:
> > if the freeprot flag (F) is set, do not do delayed frees for chunks
> > (might catch errors closer to the trouble spot) and junk fill pages just
> > before reuse instead of immediate (we can't access the page anyway)
> > since we set PROT_NONE in the F case. ok djm@
>
> I don't think I like this. The delayed return is to make it harder to
> guess when memory is reused. My expectation is that adding more
> malloc options only makes malloc more secure. In that sense, this is
> a regression.

I think the F flag is mostly a debugging aid, as more flags are. Delayed free opens a few opportunities for use-after-free to go unnoticed. That was my main concern. Freeing of > paged size stuff is not changed.

Reusing memory is already more randomized than it used to be, since chunk allocation is randomized too. This is always enabled with my malloc.

-Otto
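
The trade-off argued in this thread, as an added toy model in C (not code from malloc.c and not written by either poster): a freed chunk is parked in a random slot of a delay queue and only released when a later free evicts it, unless the F-style flag is set. The names `toy_heap`, `toy_free` and `frees_until_released`, the 16-slot queue and the xorshift generator are assumptions made for the illustration; chunks are plain integer ids, no real memory is involved.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DELAY_SLOTS 16        /* constructed queue size, not taken from malloc.c */

struct toy_heap {
    int delayed[DELAY_SLOTS]; /* ids freed by the caller, not yet released; 0 = empty */
    int freeprot;             /* models the F flag: 1 disables delayed free */
    uint32_t rng;             /* generator state, must be non-zero */
    int last_released;        /* id of the chunk most recently made reusable */
};

/* Free chunk `id`. With delay, park it in a random slot and release whatever
 * was parked there before; with freeprot set, release it immediately. */
static void toy_free(struct toy_heap *h, int id)
{
    if (!h->freeprot) {
        h->rng ^= h->rng << 13;   /* xorshift32 step, stands in for the real RNG */
        h->rng ^= h->rng >> 17;
        h->rng ^= h->rng << 5;
        uint32_t slot = h->rng % DELAY_SLOTS;
        int evicted = h->delayed[slot];
        h->delayed[slot] = id;
        id = evicted;
    }
    if (id != 0)
        h->last_released = id;    /* a real allocator would protect or reuse here */
}

/* Later free() calls needed before chunk 1 is really released (0 = at once). */
unsigned frees_until_released(int freeprot, uint32_t seed)
{
    struct toy_heap h;
    unsigned later = 0;
    int next_id = 2;
    memset(&h, 0, sizeof(h));
    h.freeprot = freeprot;
    h.rng = seed ? seed : 1;
    toy_free(&h, 1);
    for (; h.last_released != 1 && later < 100000; later++)
        toy_free(&h, next_id++);
    return later;
}

int main(void)
{
    printf("F set: %u later frees, delayed: %u later frees\n",
           frees_until_released(1, 2008), frees_until_released(0, 2008));
}
```

The non-zero count in the delayed case is the window both posters are talking about: during it the chunk is neither protected nor reused, so a stale-pointer access goes unnoticed, and its unpredictable length is what makes the moment of reuse harder to guess.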