Re: Malloc -Z

看板FB_security作者時間14年前 (2011/07/28 03:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串9/9 (看更多)
On Wed, 27 Jul 2011 13:16:59 -0400 grarpamp wrote: > > malloc(3) has never provided zeroed memory. If you need zeroed > > memory in C, you either need to zero it yourself using memset(3), > > or use calloc(3). > > Or, in lieu, use -Z, presumably. > > > What would be prudent as a developer (and is the default in CURRENT > > I believe) is to use J - it enforces the "memory from malloc(3) is > > not guaranteed to be zeroed." by specifically setting it to > > non-zero. > > Hmm, well for debugging/fuzzing programs, Z or J could be useful. > As would new R(random), 5(0x55), a(0xaa), and f(0xff) variations. > > But for security, it seems running with any of them set would be > wise or flat out required. No? As in the case where users are > untrusted (mischievous, but unable to gain root). > > Because while your own shiny new program may zero on free, all > the other installed programs that handle 'sensitive' data may not. > And without using say, Z... any user could scrape the box. Right? No. It's only freed memory from the same process that can be read. Memory that's hung around in the heap long enough to to get reused. Memory released from other processes is zeroed by the kernel before it's mapped into the process's heap. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 rwmaillists. 的文章
文章代碼(AID): #1EC6Up8p (FB_security)
更多 rwmaillists. 的文章
文章代碼(AID): #1EC6Up8p (FB_security)