Bug 25223 - consider using Hardened Malloc
Summary: consider using Hardened Malloc
Alias: None
Product: glibc
Classification: Unclassified
Component: malloc (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
Depends on:
Reported: 2019-11-25 08:16 UTC by adrelanos
Modified: 2019-11-25 12:21 UTC (History)
2 users (show)

See Also:
Last reconfirmed:
fweimer: security-


Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Adhemerval Zanella 2019-11-25 11:54:55 UTC
Which is the exact idea of this enhancement request? GLIBC already has support for interposable malloc, so the usage of an external interposable malloc is straightforward. 

If the idea is *replace* current malloc implementation I think a better strategy would bring this up to libc-alpha instead of opening a bug report. This is a huge task, that would require to take into consideration multiple factors, and it will require much discussion. 

Also, the malloc implementation has been improved both in security, (for instance 5b06f538c5, c0e82f11735, ebe544bf6e8e), usability and performance (the tache support for instance). So I would prefer to work by identifying issues with the current implementation and work towards fixing them while taking into consideration not only security but performance metrics as well (as we have done in the past).
Comment 2 Florian Weimer 2019-11-25 12:06:26 UTC
The proposed allocator is 64-bit-only, so not suitable for glibc anyway.
Comment 3 Adhemerval Zanella 2019-11-25 12:21:14 UTC
It would be good if such proposals could at least identify deficiencies in current implementations, instead of generic request to replace a battle-proven implementation that is currently developed.