author | 2012-11-02 18:18:15 +0000 | |
---|---|---|
committer | 2012-11-02 18:18:15 +0000 | |
commit | 73d5595feaea96ca4761ade8a69cd014aff93dd0 (patch) | |
tree | 0ce0de68d33b6f600bf8ad7e6c56be1dcfd3b525 /lib/libc/stdlib/malloc.3 | |
parent | Unstick bgpctl reload after reloading a bgpd.conf with errors. (diff) | |
Add a new malloc option 'U' => "Free unmap" that does the guarding/
unmapping of freed allocations without disabling chunk randomisation
like the "Freeguard" ('F') option does. Make security 'S' option
use 'U' and not 'F'.
Rationale: guarding with no chunk randomisation is great for debugging
use-after-free, but chunk randomisation offers better defence against
"heap feng shui" style attacks that depend on carefully constructing a
particular heap layout so we should leave this enabled when requesting
security options.
Diffstat (limited to 'lib/libc/stdlib/malloc.3')
-rw-r--r-- | lib/libc/stdlib/malloc.3 | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/libc/stdlib/malloc.3 b/lib/libc/stdlib/malloc.3 index 6a012fd23df..74df922f4bc 100644 --- a/lib/libc/stdlib/malloc.3 +++ b/lib/libc/stdlib/malloc.3 @@ -30,9 +30,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: malloc.3,v 1.70 2011/07/22 07:00:44 otto Exp $ +.\" $OpenBSD: malloc.3,v 1.71 2012/11/02 18:18:15 djm Exp $ .\" -.Dd $Mdocdate: July 22 2011 $ +.Dd $Mdocdate: November 2 2012 $ .Dt MALLOC 3 .Os .Sh NAME @@ -231,13 +231,17 @@ This option requires the library to have been compiled with -DMALLOC_STATS in order to have any effect. .It Cm F .Dq Freeguard . -Enable use after free protection. +Enable use after free detection. Unused pages on the freelist are read and write protected to cause a segmentation fault upon access. This will also switch off the delayed freeing of chunks, reducing random behaviour but detecting double .Fn free calls as early as possible. +This option is intended for debugging rather than improved security +(use the +.Cm U +option for security). .It Cm G .Dq Guard . Enable guard pages. @@ -275,6 +279,11 @@ This can substantially aid in compacting memory. .\"Consult the source for this one. .It Cm S Enable all options suitable for security auditing. +.It Cm U +.Dq Free unmap . +Enable use after free protection for larger allocations. +Unused pages on the freelist are read and write protected to +cause a segmentation fault upon access. .It Cm X .Dq xmalloc . Rather than return failure, |
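Review bot: In the `.It Cm F` hunk (@@ -231,13 +231,17 @@), the new closing sentence tells readers to prefer `U` for security but the entry still does not say why. The only hint is the existing phrase "reducing random behaviour", which is easy to read past. The commit message gives the actual reason: `F` disables chunk randomisation, which weakens the defence against attacks that depend on a constructed heap layout. Suggest saying so in the added text, for example by extending the parenthetical to state that `F` turns off chunk randomisation and `U` does not, so the manual page carries the rationale without needing the commit log.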
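Review bot: In the `.It Cm U` hunk (@@ -275,6 +279,11 @@), the second sentence, "Unused pages on the freelist are read and write protected to cause a segmentation fault upon access.", is word for word the sentence used under `F`, so the entry never states what distinguishes `U` from `F`. Suggest adding that delayed freeing and chunk randomisation stay enabled under `U`, and defining what "larger allocations" means (a size threshold or a pointer to where it is defined). The unchanged context line for `.It Cm S` still reads only "Enable all options suitable for security auditing." even though the commit message says `S` now selects `U` rather than `F`; listing the options `S` implies there would document that behaviour change.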