[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: zlib bug

To: art@blahonga.org (Artur Grabowski)
Subject: Re: zlib bug
From: Darren Reed <avalon@coombs.anu.edu.au>
Date: Tue, 12 Mar 2002 22:40:43 +1100 (Australia/ACT)
Cc: grendel@heorot.stanford.edu (Ted U), ian@assv.net (Ian D),misc@openbsd.org

In some mail from Artur Grabowski, sie said:
[...]
> That depends on in which order you do the double free.
> 
> if it's:
> 
> x = malloc();
> free(x);
> free(x);
> 
> Then everything should be safe with phk malloc.
> 
> But if it's:
> 
> x = malloc();
> free(x);
> a = malloc();
> free(x);
> b = malloc();
> 
> no malloc implementation will catch that and you have a big risk that
> 'a' and 'b' will point to the same memory.
> 
> I don't know how bad it was in zlib.

What about ppp (deflate) in the kernel and the kernel malloc/free ?

Is /sys/net/zlib.c in need of patching ?

Darren

Follow-Ups:
- Re: zlib bug
  - From: "Todd C. Miller" <Todd.Miller@courtesan.com>

References:
- Re: zlib bug
  - From: Artur Grabowski <art@blahonga.org>

Prev by Date: Re: Disabling monitor power sleep mode
Next by Date: malloc.conf
Prev by thread: Re: zlib bug
Next by thread: Re: zlib bug
Index(es):
- Date
- Thread