This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] malloc/malloc.c: Mitigate null-byte overflow attacks


Moritz Eckert <m.eckert@cs.ucsb.edu> writes:
>> But as of now, regarding my proposed patch, it would prevent the 
>> Poison-Null-Byte attack immediately and with no performance impact, 
>> which seems like a good solution until the heap protector is ready.

I'm OK with the original patch that moves the size check outside the
unlink() macro, at least.  Wait for a second +1, then it should be OK to
apply.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]