Browse Source

adding pointer protection to 'G' was too heavyweight. Since malloc guard

should be generally usable, split this out into option 'P'. ok deraadt
OPENBSD_3_8
tedu 19 years ago
parent
commit
b1d9a6e152
2 changed files with 14 additions and 7 deletions
  1. +6
    -3
      src/lib/libc/stdlib/malloc.3
  2. +8
    -4
      src/lib/libc/stdlib/malloc.c

+ 6
- 3
src/lib/libc/stdlib/malloc.3 View File

@ -30,7 +30,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE. .\" SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: malloc.3,v 1.38 2005/05/24 16:48:35 tedu Exp $
.\" $OpenBSD: malloc.3,v 1.39 2005/06/07 04:42:42 tedu Exp $
.\" .\"
.Dd August 27, 1996 .Dd August 27, 1996
.Dt MALLOC 3 .Dt MALLOC 3
@ -204,8 +204,6 @@ Enable guard pages and chunk randomization.
Each page size or larger allocation is followed by a guard page that will Each page size or larger allocation is followed by a guard page that will
cause a segmentation fault upon any access. cause a segmentation fault upon any access.
Smaller than page size chunks are returned in a random order. Smaller than page size chunks are returned in a random order.
Pointer sized allocations are aligned to the end of a page to catch
sizeof(ptr) errors where sizeof(*ptr) is meant.
.Pp .Pp
.It Cm H .It Cm H
.Dq Hint . .Dq Hint .
@ -223,6 +221,11 @@ Currently junk is bytes of 0xd0; this is pronounced
Do not output warning messages when encountering possible corruption Do not output warning messages when encountering possible corruption
or bad pointers. or bad pointers.
.Pp .Pp
.It Cm P
.Dq Pointer Protection .
Pointer sized allocations are aligned to the end of a page to catch
sizeof(ptr) errors where sizeof(*ptr) is meant.
.Pp
.It Cm R .It Cm R
.Dq realloc . .Dq realloc .
Always reallocate when Always reallocate when


+ 8
- 4
src/lib/libc/stdlib/malloc.c View File

@ -8,7 +8,7 @@
*/ */
#if defined(LIBC_SCCS) && !defined(lint) #if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] = "$OpenBSD: malloc.c,v 1.73 2005/05/24 16:39:05 tedu Exp $";
static char rcsid[] = "$OpenBSD: malloc.c,v 1.74 2005/06/07 04:42:42 tedu Exp $";
#endif /* LIBC_SCCS and not lint */ #endif /* LIBC_SCCS and not lint */
/* /*
@ -211,6 +211,8 @@ static int malloc_freeprot;
/* use guard pages after allocations? */ /* use guard pages after allocations? */
static int malloc_guard = 0; static int malloc_guard = 0;
/* align pointers to end of page? */
static int malloc_ptrguard;
#if defined(__FreeBSD__) || (defined(__OpenBSD__) && defined(MADV_FREE)) #if defined(__FreeBSD__) || (defined(__OpenBSD__) && defined(MADV_FREE))
/* pass the kernel a hint on free pages ? */ /* pass the kernel a hint on free pages ? */
@ -612,6 +614,8 @@ malloc_init(void)
case 'J': malloc_junk = 1; break; case 'J': malloc_junk = 1; break;
case 'n': malloc_silent = 0; break; case 'n': malloc_silent = 0; break;
case 'N': malloc_silent = 1; break; case 'N': malloc_silent = 1; break;
case 'p': malloc_ptrguard = 0; break;
case 'P': malloc_ptrguard = 1; break;
case 'r': malloc_realloc = 0; break; case 'r': malloc_realloc = 0; break;
case 'R': malloc_realloc = 1; break; case 'R': malloc_realloc = 1; break;
#ifdef __FreeBSD__ #ifdef __FreeBSD__
@ -1082,7 +1086,7 @@ imalloc(size_t size)
if (suicide) if (suicide)
abort(); abort();
if (malloc_guard && size == PTR_SIZE) {
if (malloc_ptrguard && size == PTR_SIZE) {
ptralloc = 1; ptralloc = 1;
size = malloc_pagesize; size = malloc_pagesize;
} }
@ -1128,7 +1132,7 @@ irealloc(void *ptr, size_t size)
return (NULL); return (NULL);
} }
if (malloc_guard && PTR_ALIGNED(ptr)) {
if (malloc_ptrguard && PTR_ALIGNED(ptr)) {
if (size <= PTR_SIZE) if (size <= PTR_SIZE)
return (ptr); return (ptr);
else { else {
@ -1602,7 +1606,7 @@ ifree(void *ptr)
if (suicide) if (suicide)
return; return;
if (malloc_guard && PTR_ALIGNED(ptr))
if (malloc_ptrguard && PTR_ALIGNED(ptr))
ptr = (char *)ptr - PTR_GAP; ptr = (char *)ptr - PTR_GAP;
index = ptr2index(ptr); index = ptr2index(ptr);


Loading…
Cancel
Save