This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Deprecate mcheck?
- From: Florian Weimer <fweimer at redhat dot com>
- To: libc-alpha at sourceware dot org
- Date: Mon, 10 Feb 2014 15:27:42 +0100
- Subject: Deprecate mcheck?
With -lmcheck, it is possible to add malloc checking hooks which wrap
the allocations with an additional header.
The approach is not specific to our malloc implementation; it does not
use internal implementation details (thus the separate header). The
current implementation is not thread-safe and may be incompatible with
early allocations in C++ code. With help from the malloc
implementation, it should be possible to come up with something that is
quite a bit more efficient.
It's also odd that this functionality is enabled with -lmcheck or an
explicit function call, and not with LD_PRELOAD (where it could completely
reside if necessary).
It also seems to me that it can't be abused as a security feature. The
canaries are static, so the only secret is the heap randomization. We
also have something similar in glibc itself.
So I'd like to deprecate mcheck in 2.20, and remove -lmcheck in 2.21 and
turn the functions into hidden NOPs.
--
Florian Weimer / Red Hat Product Security Team
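
Added example, not part of the original message and not glibc's mcheck code: a minimal C sketch of the header-wrapping approach described above, showing that a static canary catches an accidental overrun but not a write that carries the same constant, while a per-process value does. All names (guard_alloc, guard_check, overrun_verdict, STATIC_MAGIC) and the canary values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names; a sketch of the header-wrapping idea, not glibc's code. */
#define STATIC_MAGIC 0x5ca1ab1eU          /* constructed value, identical in every process */
static uint32_t g_canary = STATIC_MAGIC;  /* real use: fill once from the OS RNG at startup */

/* Separate header placed in front of each block; aligned so user data stays aligned. */
struct hdr { _Alignas(max_align_t) size_t size; uint32_t magic; };

void *guard_alloc(size_t n) {
    if (n > SIZE_MAX - sizeof(struct hdr) - sizeof g_canary) return NULL;
    struct hdr *h = malloc(sizeof *h + n + sizeof g_canary);
    if (!h) return NULL;
    h->size = n;
    h->magic = g_canary;                                              /* head canary */
    memcpy((unsigned char *)(h + 1) + n, &g_canary, sizeof g_canary); /* tail canary */
    return h + 1;
}

/* 0 = intact, 1 = header damaged (underrun), 2 = trailer damaged (overrun). */
int guard_check(const void *p) {
    const struct hdr *h = (const struct hdr *)p - 1;
    uint32_t tail;
    if (h->magic != g_canary) return 1;
    memcpy(&tail, (const unsigned char *)p + h->size, sizeof tail);
    return tail == g_canary ? 0 : 2;
}

void guard_free(void *p) { if (p) free((struct hdr *)p - 1); }

/* Write 8 data bytes plus 4 stray bytes `spill` into an 8-byte block guarded
   by `canary`, then report guard_check()'s verdict (-1 on allocation failure). */
int overrun_verdict(uint32_t canary, uint32_t spill) {
    g_canary = canary;                    /* global state: not thread-safe */
    unsigned char *p = guard_alloc(8);
    if (!p) return -1;
    memset(p, 'A', 8);
    memcpy(p + 8, &spill, sizeof spill);  /* lands on the trailer, inside our own malloc block */
    int verdict = guard_check(p);
    guard_free(p);
    return verdict;
}

int main(void) {
    printf("static canary, arbitrary spill: %d\n", overrun_verdict(STATIC_MAGIC, 0x41414141U));
    printf("static canary, spill == magic:  %d\n", overrun_verdict(STATIC_MAGIC, STATIC_MAGIC));
    printf("random canary, spill == magic:  %d\n", overrun_verdict(0x9e3779b9U, STATIC_MAGIC));
    return 0;
}
```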