Re: Understanding Linux addr space, malloc, and heap

From: Kyle Moffett
Date: Sun Oct 23 2005 - 16:30:24 EST

Next message: Al Viro: "Re: [patch] drivers/block: updates .owner field of struct pci_driver"
Previous message: Andrew Morton: "Re: [PATCH 7/9] mm: split page table lock"
In reply to: Arjan van de Ven: "Re: Understanding Linux addr space, malloc, and heap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Oct 23, 2005, at 06:44:47, Arjan van de Ven wrote:

But even if Vincend makes the next malloc/free/whatever to be fubar, or if he made the world explode, mprotect is still required to report an error if the requested action failed.

but.. there's no proof yet that it failed...

Precisely. The only code sample he's sent that exhibits this "problem" is buggy because it checks the wrong addresses for protected status. In any case, if you _were_ going to try to change protection bits on malloc()ed memory, you would need to make _damn_sure_ that you didn't change the protection bits on internal data structures that malloc uses to keep track of allocations. If you remove read or write privs on malloc-internal linked-list pointers, an attempt to malloc() or free() memory might (and probably will) crash.

Cheers,
Kyle Moffett

--
I have yet to see any problem, however complicated, which, when you looked at it in the right way, did not become still more complicated.
-- Poul Anderson

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Al Viro: "Re: [patch] drivers/block: updates .owner field of struct pci_driver"
Previous message: Andrew Morton: "Re: [PATCH 7/9] mm: split page table lock"
In reply to: Arjan van de Ven: "Re: Understanding Linux addr space, malloc, and heap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]