RE: vulndev-1 and a suggestion about the ensuing discussion

From: Michael Wojcik (Michael.Wojcik_at_microfocus.com)
Date: 05/16/03

    To: vuln-dev@securityfocus.com
    Date: Thu, 15 May 2003 15:48:54 -0700
    
    

    > From: xenophi1e [mailto:oliver.lavery@sympatico.ca]
    > Sent: Thursday, May 15, 2003 12:47 PM

    > 3) How could the layout of malloc()'s bookkeeping info be smarter? Are
    > there any platforms that have allocators that are more robust against
    > overruns?

    To answer the second question first: there are platforms like C/400 on the
    AS/400, where C programs in essence run under a virtual machine, and most
    out-of-bounds accesses will immediately trap.

    To answer the first: malloc could certainly keep its information somewhere
    other than adjacent to user buffers. For example, it might instead use a
    list of separately-allocated records (or better a list of blocks of records,
    where each block was a data structure suitable for relatively fast access,
    probably a hashtable keyed on a hash of the address returned by malloc).
    With help from mprotect or equivalent these areas could further be protected
    with guard pages. There'd be a performance penalty for such a scheme
    (versus having each malloc'd area carry its own information, as is typical),
    but besides making the heap harder to corrupt, it'd let the implementation
    catch invalid and duplicate free's.

    -- 
    Michael Wojcik
    Principal Software Systems Developer, Micro Focus
    
