This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] malloc: Implement heap protector
- From: DJ Delorie <dj at redhat dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 28 Oct 2016 16:45:54 -0400
- Subject: Re: [PATCH] malloc: Implement heap protector
- References: <dd818b8d-7176-8490-0780-e6e25756323a@redhat.com>
My only comments on this one are:
> +/* Decrypt a heap header chunk. */
> +#define HEAP_CRYPT_SIZE(val) (__malloc_header_guard ^ ((INTERNAL_SIZE_T) val))
> +#define HEAP_CRYPT_PREVSIZE(val) \
> + (__malloc_footer_guard ^ ((INTERNAL_SIZE_T) val))
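Review bot: in both macros the argument is cast without its own parentheses, `((INTERNAL_SIZE_T) val)`, so an argument such as `a + b` would have the cast bind to `a` only; `((INTERNAL_SIZE_T) (val))` avoids that. The comment also says "Decrypt" above macros named CRYPT and mentions only the header, while the second macro handles the prev-size field with `__malloc_footer_guard`.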
For readability and maintainability, we should probably have both CRYPT
and DECRYPT macros, used correctly throughout. Yes, I know they'd be the
same now, but they might not be later.
> +/* The heap cookie. The lowest three bits (corresponding to
> + SIZE_BITS) in __malloc_guard_header must be clear. Initialized
> + during libc startup, and computed by elf/dl-keysetup.c. */
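Review bot: the comment names `__malloc_guard_header`, but the macro quoted earlier in the patch uses `__malloc_header_guard`; the comment should use the variable's actual name. It also states the low-bits requirement for the header guard only, so it should say whether `__malloc_footer_guard` carries the same constraint.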
If the lowest three bits must be clear, we should either clear them or
assert that they're clear.
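The two review points above (separate CRYPT/DECRYPT names, and clearing or asserting the low three bits), sketched as an added example that is not code from the patch or from glibc. The names `guard_init`, `size_crypt`, `size_decrypt`, `stored_flags` and `FLAG_BITS` are hypothetical, and it assumes the constraint exists so that the flag bits can be read from the stored field without unmasking it.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the names quoted in the patch. */
typedef size_t internal_size_t;
#define FLAG_BITS ((internal_size_t) 0x7)   /* low three bits, as SIZE_BITS */

static internal_size_t header_guard;        /* plays the role of the heap cookie */

/* Option 1 from the review: clear the flag bits when the guard is installed. */
void guard_init(internal_size_t random_value)
{
  header_guard = random_value & ~FLAG_BITS;
}

/* Option 2: assert the invariant at each use, so a bad guard fails loudly. */
internal_size_t size_crypt(internal_size_t val)
{
  assert((header_guard & FLAG_BITS) == 0);
  return header_guard ^ val;
}

/* Separate name for the inverse, even though XOR makes it identical today. */
internal_size_t size_decrypt(internal_size_t stored)
{
  assert((header_guard & FLAG_BITS) == 0);
  return header_guard ^ stored;
}

/* Flag bits taken directly from the stored (masked) field. */
internal_size_t stored_flags(internal_size_t stored)
{
  return stored & FLAG_BITS;
}

int main(void)
{
  internal_size_t size = 0x90 | 0x1;             /* constructed: size 0x90, one flag set */
  guard_init((internal_size_t) 0x5bd1e99fu);     /* constructed value with low bits set */
  internal_size_t stored = size_crypt(size);
  printf("flags in stored field: %zu\n", stored_flags(stored));
  printf("round trip ok: %d\n", size_decrypt(stored) == size);
  return 0;
}
```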