Add guard pages for TCMalloc metadata |
|
||||||
Project Member Reported by jsc...@chromium.org, Nov 18 2011 | Back to list | ||||||
Issue descriptionIt's possible to get the TCMalloc metadata pages allocated inline with normal user-controllable data. This means that a buffer overrun in a properly laid out address space could lead to a generic exploit against TCMalloc. This is even more likely on Unix-based system due to how the allocator is implemented. The easiest solution seems to be just adding a guard page in front of the metadata.
Dec 19 2011
,
Moving bugs marked as Started but not blockers from M17 to M18. Please move back if you think this is a blocker, and add the ReleaseBlock-Stable label. If you're able.
Jan 19 2012
,
Jan 20 2012
,
This made in into M17, nice.
Oct 13 2012
,
This issue has been closed for some time. No one will pay attention to new comments. If you are seeing this bug or have new data, please click New Issue to start a new bug.
Mar 10 2013
,
Mar 13 2013
,
|
|||||||
►
Sign in to add a comment |
Comment 1 by bugdroid1@chromium.org
, Nov 30 2011