From f816214aa0c6a212c2294ec0c1fbd6dcd384724b Mon Sep 17 00:00:00 2001 From: otto <> Date: Wed, 13 Jan 2010 12:40:11 +0000 Subject: [PATCH] New options 'S', as a shorthand for the options most suitable as an extra safeguard (FGJ). Idea from deraadt@; ok deraadt@ dlg@ --- src/lib/libc/stdlib/malloc.3 | 6 ++++-- src/lib/libc/stdlib/malloc.c | 6 +++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3 index e0edd944..71962c56 100644 --- a/src/lib/libc/stdlib/malloc.3 +++ b/src/lib/libc/stdlib/malloc.3 @@ -30,9 +30,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: malloc.3,v 1.63 2009/10/10 18:36:52 otto Exp $ +.\" $OpenBSD: malloc.3,v 1.64 2010/01/13 12:40:11 otto Exp $ .\" -.Dd $Mdocdate: October 10 2009 $ +.Dd $Mdocdate: January 13 2010 $ .Dt MALLOC 3 .Os .Sh NAME @@ -272,6 +272,8 @@ This can substantially aid in compacting memory. .\".Xr ktrace 1 .\"for all operations. .\"Consult the source for this one. +.It Cm S +Enable all options suitable for security auditing. .It Cm X .Dq xmalloc . Rather than return failure, diff --git a/src/lib/libc/stdlib/malloc.c b/src/lib/libc/stdlib/malloc.c index 9bdea862..9cee3e59 100644 --- a/src/lib/libc/stdlib/malloc.c +++ b/src/lib/libc/stdlib/malloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: malloc.c,v 1.123 2009/12/16 08:23:53 otto Exp $ */ +/* $OpenBSD: malloc.c,v 1.124 2010/01/13 12:40:11 otto Exp $ */ /* * Copyright (c) 2008 Otto Moerbeek * @@ -661,6 +661,10 @@ omalloc_init(struct dir_info **dp) case 'R': mopts.malloc_realloc = 1; break; + case 'S': + mopts.malloc_freeprot = mopts.malloc_junk = 1; + mopts.malloc_guard = MALLOC_PAGESIZE; + break; case 'x': mopts.malloc_xmalloc = 0; break;