Re: A bunch of memory allocation bugs in CGD

From: ALeine (aleine_at_austrosearch.net)
Date: 03/30/05

    Date: Wed, 30 Mar 2005 13:37:53 -0800 (PST)
    To: elric@imrryr.org
    
    

    elric@imrryr.org wrote:

    > Having a quick read it looks like the call to cmd_nuke() is
    > preceded by a cmd_open(). cmd_open() loads the decrypted decoded
    > contents of the lock sector into memory which contain all of the
    > information needed to decrypt the disk. In cmd_nuke(), the malloc is
    > followed immediately by a memset(3) which could core dump.

    You're right on both counts, I apologize for the confusion, I have
    several versions of GBDE files around and just before I made that
    comment about segmentation violation not being possible I took a
    look at the malloc(3) line in my patched version by mistake. In
    that version I replaced the malloc(3) and memset(3) calls in cmd_nuke()
    with a single malloc(3) call with the M_ZERO flag set.

    Using mlockall(2) to prevent paging and setrlimit(2) to prevent core
    from being dumped would also be an improvement for both CGD and GBDE.

    ALeine
    _______________________________________________
    freebsd-hackers@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
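
The two measures suggested in the message above, together with a NULL-checked zeroed allocation, as an added example that is not part of the original post and is not CGD or GBDE source. All function names are hypothetical, calloc(3) is used to obtain zeroed memory, and the 32-byte key buffer is constructed for illustration.

```c
/* Added example: process hardening for code that holds key material. */
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Set RLIMIT_CORE to 0 so a crash cannot write key material to a core file. */
int disable_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Read the limit back; returns 1 only when soft and hard limits are both 0. */
int core_dumps_disabled(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0) return 0;
    return rl.rlim_cur == 0 && rl.rlim_max == 0;
}

/* Pin current and future pages in RAM so secrets are not paged to swap.
 * Can fail with EPERM or ENOMEM depending on privilege and RLIMIT_MEMLOCK. */
int lock_all_memory(void) {
    return mlockall(MCL_CURRENT | MCL_FUTURE);
}

/* Zeroed allocation; the NULL check happens before the buffer is touched. */
unsigned char *key_alloc(size_t len) {
    unsigned char *p = calloc(1, len);
    if (p == NULL)
        fprintf(stderr, "key_alloc: out of memory\n");
    return p;   /* caller must still check for NULL */
}

/* Overwrite through a volatile pointer so the compiler keeps the stores. */
void key_wipe(unsigned char *p, size_t len) {
    volatile unsigned char *v = p;
    while (len--) *v++ = 0;
}

int main(void) {
    if (disable_core_dumps() != 0) { perror("setrlimit"); return 1; }
    /* Assumption: this demo warns and continues if locking is not permitted. */
    if (lock_all_memory() != 0) perror("mlockall (continuing unlocked)");
    unsigned char *key = key_alloc(32);   /* constructed 256-bit key buffer */
    if (key == NULL) return 1;
    /* ... load and use key material here ... */
    key_wipe(key, 32);
    free(key);
    return 0;
}
```

Both calls belong at the very start of the program, before any secret is read into memory, since pages already written to swap or a core limit raised later are not covered retroactively.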