git.samba.org / metze / samba / wip.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e2497b2) | patch
talloc: Do not disclose the random talloc magic in free()'ed memory
authorAndrew Bartlett <abartlet@samba.org>
Mon, 8 Jan 2018 04:34:31 +0000 (17:34 +1300)
committerStefan Metzmacher <metze@samba.org>
Fri, 12 Jan 2018 21:42:21 +0000 (22:42 +0100)
commit062309755888349afaa05dff7ac48ea8867110e0
tree62d7865c37515e2bbacde7a7e9a1d3f7a0530c99tree
parente2497b26b2ec8a9ae4401d0380431c897959c627commit | diff
talloc: Do not disclose the random talloc magic in free()'ed memory

This may help us avoid exploits via memory read attacks on Samba by ensuring that if the read
is on an invalid chunk that the talloc magic disclosed there is not useful
to create a valid chunk and so set a destructor.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13211

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
lib/talloc/talloc.c diff | blob | history
Work in progress branches