glibc/malloc
Siddhesh Poyarekar fc859c3048 Harden tcache double-free check

The tcache allocator layer uses the tcache pointer as a key to
identify a block that may be freed twice.  Since this is in the
application data area, an attacker exploiting a use-after-free could
potentially get access to the entire tcache structure through this
key.  A detailed write-up was provided by Awarau here:

https://awaraucom.wordpress.com/2020/07/19/house-of-io-remastered/

Replace this static pointer use for key checking with one that is
generated at malloc initialization.  The first attempt is through
getrandom with a fallback to random_bits(), which is a simple
pseudo-random number generator based on the clock.  The fallback ought
to be sufficient since the goal of the randomness is only to make the
key arbitrary enough that it is very unlikely to collide with user
data.

Co-authored-by: Eyal Itkin <eyalit@checkpoint.com>
2021-07-08 01:39:38 +05:30
alloc_buffer_alloc_array.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
alloc_buffer_allocate.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
alloc_buffer_copy_bytes.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
alloc_buffer_copy_string.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
alloc_buffer_create_failure.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
arena.c Harden tcache double-free check 2021-07-08 01:39:38 +05:30
Depend added rt to malloc/Depend [BZ #27132] 2021-02-23 10:04:45 +01:00
dynarray_at_failure.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
dynarray_emplace_enlarge.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
dynarray_finalize.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
dynarray_resize_clear.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
dynarray_resize.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
dynarray-skeleton.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
dynarray.h malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
hooks.c hooks.c: Remove incorrect comment 2021-07-04 18:15:18 +05:30
Makefile tests-exclude-mcheck: Fix typo 2021-07-07 13:28:53 +05:30
malloc-check.c Move glibc.malloc.check implementation into its own file 2021-07-03 00:48:12 +05:30
malloc-hooks.h Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
malloc-internal.h Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
malloc.c Harden tcache double-free check 2021-07-08 01:39:38 +05:30
malloc.h Enable support for GCC 11 -Wmismatched-dealloc. 2021-05-16 15:21:18 -06:00
mallocbug.c Reformat malloc to gnu style. 2014-01-02 09:40:10 +01:00
mcheck-init.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
mcheck.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
mcheck.h Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
memusage.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
memusage.sh Remove all usage of @BASH@ or ${BASH} in installed files, and hardcode /bin/bash instead 2021-05-12 07:47:11 +05:30
memusagestat.c Update copyright dates not handled by scripts/update-copyrights. 2021-01-02 12:17:34 -08:00
morecore.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
mtrace.c mtrace: Add attribute nocommon to mallwatch 2021-07-02 18:14:01 -03:00
mtrace.pl Update copyright dates not handled by scripts/update-copyrights. 2021-01-02 12:17:34 -08:00
obstack.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
obstack.h Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
reallocarray.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
scratch_buffer_dupfree.c malloc: Add scratch_buffer_dupfree 2021-01-05 11:33:16 -03:00
scratch_buffer_grow_preserve.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
scratch_buffer_grow.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
scratch_buffer_set_array_size.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
set-freeres.c nptl: Move stack cache management, __libpthread_freeres into libc 2021-05-11 11:22:33 +02:00
thread-freeres.c dlfcn: dlerror needs to call free from the base namespace [BZ #24773] 2021-04-21 19:49:51 +02:00
tst-alloc_buffer.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-calloc.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-dynarray-at-fail.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-dynarray-fail.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
tst-dynarray-shared.h malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
tst-dynarray.c malloc: Sync dynarray with gnulib 2021-02-09 16:57:54 -03:00
tst-free-errno.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-aux-nothread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-aux-thread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-aux.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-aux.h Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-nothread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-skeleton.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-static-nothread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-static-thread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-interpose-thread.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mallinfo2.c tst-mallinfo2.c: Use correct multiple for total variable 2021-05-25 16:47:01 -04:00
tst-malloc_info.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-backtrace.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-check.c tst-mcheck: Rename to tst-malloc-check 2021-06-22 14:31:40 +05:30
tst-malloc-fork-deadlock.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-stats-cancellation.c malloc: Run tst-malloc-stats-cancellation via test-driver.c 2021-04-07 02:35:50 +02:00
tst-malloc-tcache-leak.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-thread-exit.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-thread-fail.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-too-large.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc-usable-static-tunables.c Initialize tunable list with the GLIBC_TUNABLES environment variable 2016-12-31 23:49:24 +05:30
tst-malloc-usable-static.c Add framework for tunables 2016-12-31 23:49:24 +05:30
tst-malloc-usable-tunables.c Initialize tunable list with the GLIBC_TUNABLES environment variable 2016-12-31 23:49:24 +05:30
tst-malloc-usable.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-malloc.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mallocfork2.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mallocfork3.c posix: Add _Fork [BZ #4737] 2021-06-28 15:55:56 -03:00
tst-mallocfork.c Fix malloc tests build with GCC 10. 2019-06-10 22:12:08 +00:00
tst-mallocstate.c malloc: Turn tst-mallocstate into a non-internal test 2021-03-09 21:07:24 +01:00
tst-mallopt.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-memalign.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mtrace.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mtrace.sh Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-mxfast.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-obstack.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-posix_memalign.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-pvalloc-fortify.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-pvalloc.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-realloc.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-reallocarray.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-safe-linking.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-scratch_buffer.c malloc: Add scratch_buffer_dupfree 2021-01-05 11:33:16 -03:00
tst-tcfree1.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-tcfree2.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-tcfree3.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
tst-trim1.c * malloc/tst-trim1.c: New file. 2007-12-16 22:57:57 +00:00
tst-valloc.c Update copyright dates with scripts/update-copyrights 2021-01-02 12:17:34 -08:00
Versions malloc: Drop __malloc_initialized from Versions 2021-06-22 20:14:31 +05:30