This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] malloc: Implement heap protector

From: Florian Weimer <fweimer at redhat dot com>
To: Paul Eggert <eggert at cs dot ucla dot edu>, GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 10 Nov 2016 16:39:02 +0100
Subject: Re: [PATCH] malloc: Implement heap protector
Authentication-results: sourceware.org; auth=none
References: <dd818b8d-7176-8490-0780-e6e25756323a@redhat.com> <7b7d32d4-b66c-4b87-9509-a9ed4df62b85@cs.ucla.edu> <296af8bd-17ab-439e-90d1-bfadf3684c7f@redhat.com>

On 11/08/2016 04:13 PM, Florian Weimer wrote:

diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index f68fdf4..801ded8 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -607,6 +607,10 @@ struct rtld_global_ro
   /* List of auditing interfaces.  */
   struct audit_ifaces *_dl_audit;
   unsigned int _dl_naudit;
+
+  /* malloc protection keys. */
+  uintptr_t _dl_malloc_header_guard;
+  uintptr_t _dl_malloc_footer_guard;
 };
 # define __rtld_global_attribute__
 # if IS_IN (rtld)

This way of carrying information from ld.so to libc.so.6 does not workin the static dlopen case because rtld_global_ro is only initializedfrom the static initializer. The code in security_init is never called,and so the two cookie values are always 0.

I believe this is a pre-existing bug in static dlopen, but I'll need towrite a test case first.


Florian

References:
- Re: [PATCH] malloc: Implement heap protector
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]