This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Avoid deadlock in malloc on backtrace

From: "Carlos O'Donell" <carlos at redhat dot com>
To: Szabolcs Nagy <nsz at port70 dot net>
Cc: Siddhesh Poyarekar <siddhesh at redhat dot com>, libc-alpha at sourceware dot org
Date: Fri, 27 Feb 2015 11:33:28 -0500
Subject: Re: [PATCH] Avoid deadlock in malloc on backtrace
Authentication-results: sourceware.org; auth=none
References: <20150224100249 dot GA31871 at spoyarek dot pnq dot redhat dot com> <54EF9B9C dot 1080305 at redhat dot com> <20150227142009 dot GB16260 at port70 dot net>

On 02/27/2015 09:20 AM, Szabolcs Nagy wrote:
> * Carlos O'Donell <carlos@redhat.com> [2015-02-26 17:18:04 -0500]:
>> (1) Delaying the abort is bad for security.
>>
>> Problem: The library should abort() immediately from a security perspective.
>>
>> Solution: Don't delay, call abort() immediately.
> 
> i think from security pov immediate crash (__builtin_trap) is the right solution
> 
> abort is complex (eg glibc tries to fflush stdio buffers)

I agree that __builtin_trap would be an option.

c.

References:
- [PATCH] Avoid deadlock in malloc on backtrace
  - From: Siddhesh Poyarekar
- Re: [PATCH] Avoid deadlock in malloc on backtrace
  - From: Carlos O'Donell
- Re: [PATCH] Avoid deadlock in malloc on backtrace
  - From: Szabolcs Nagy

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]