This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Avoid deadlock in malloc on backtrace
- From: Florian Weimer <fweimer at redhat dot com>
- To: Paul Eggert <eggert at cs dot ucla dot edu>, Siddhesh Poyarekar <siddhesh at redhat dot com>
- Cc: libc-alpha at sourceware dot org, carlos at redhat dot com
- Date: Wed, 25 Feb 2015 10:23:56 +0100
- Subject: Re: [PATCH] Avoid deadlock in malloc on backtrace
- Authentication-results: sourceware.org; auth=none
- References: <20150224100249 dot GA31871 at spoyarek dot pnq dot redhat dot com> <54EC52E6 dot 5010905 at redhat dot com> <20150224115158 dot GH23807 at spoyarek dot pnq dot redhat dot com> <54ECBA3D dot 90601 at cs dot ucla dot edu>
On 02/24/2015 06:51 PM, Paul Eggert wrote:
> But really, we shouldn't have to modify applications to work around this
> problem, and the problem should be fixed in glibc. 'backtrace'
> shouldn't require 'malloc' to work, as we want 'backtrace' to get a
> backtrace as reliably as possible even when part of memory is corrupted.
That's simply not possible with an in-process backtrace. As I already
said, I think it is a bad idea to continue running after detecting a
security violation. The idea that it's somehow possible to recover from
stack or heap corruption is fundamentally flawed.
--
Florian Weimer / Red Hat Product Security