This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] malloc: harden removal from unsorted list

From: DJ Delorie <dj at redhat dot com>
To: Francois Goichon <fgoichon at google dot com>
Cc: libc-alpha at sourceware dot org
Date: Fri, 23 Feb 2018 14:06:21 -0500
Subject: Re: [PATCH] malloc: harden removal from unsorted list
Authentication-results: sourceware.org; auth=none

While I have no problems with the patch itself (i.e. LGTM), I have two
side notes:

1. We probably could use better error messages now that we have three
numbered ones.  ERROR 458104 - CONSULT MANUAL.

2. At what point do these attack vectors move from "something a hacker
could do" to "something a developer could do" ?  If a hacker can do this
type of computations, a hacker can do pretty much whatever they want
already.  Given how critical malloc performance is to applications these
days, we need to be careful to not harden against things that are only
possible through the developer's malice.

References:
- [PATCH] malloc: harden removal from unsorted list
  - From: Francois Goichon

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]