Date: Mon, 17 Jul 2017 19:45:07 +0300
From: Alexander Popov <>
To: Christoph Lameter <>,
	Pekka Enberg <>,
	David Rientjes <>,
	Joonsoo Kim <>,
	Andrew Morton <>,,,,,
Subject: [PATCH 1/1] mm/slub.c: add a naive detection of double free or corruption

Add an assertion similar to "fasttop" check in GNU C Library allocator:
an object added to a singly linked freelist should not point to itself.
That helps to detect some double free errors (e.g. CVE-2017-2636) without
slub_debug and KASAN. Testing with hackbench doesn't show any noticeable
performance penalty.

Signed-off-by: Alexander Popov <>
 mm/slub.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mm/slub.c b/mm/slub.c
index 1d3f983..a106939b 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -261,6 +261,7 @@ static inline void *get_freepointer_safe(struct kmem_cache *s, void *object)
 static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp)
+	BUG_ON(object == fp); /* naive detection of double free or corruption */
 	*(void **)(object + s->offset) = fp;
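
Review bot: The comment on the added `BUG_ON(object == fp)` line in set_freepointer() promises more than the condition delivers. The test only fires when the object is handed itself as its next pointer, that is, when it is already the freelist head, so the comment should say exactly that rather than "naive detection of double free or corruption". The BUG_ON is also unconditional and fatal for every caller of set_freepointer(). Consider placing it behind a hardening config option, or state in the changelog why crashing is preferred over a warning; the hackbench remark covers the cost of the check but not the failure policy.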

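The check this message describes, as an added user-space example (not code from the patch or from the kernel): a toy freelist applies the same `object == fp` test and shows which double free it catches and which it misses. The names `toy_cache`, `toy_free`, `toy_alloc` and the two backing objects are hypothetical and constructed for the illustration.

```c
#include <stdio.h>
/* Toy user-space freelist (hypothetical names, constructed sample objects):
 * the first word of each free object holds the next-free pointer. */
struct toy_cache { void *freelist; };
enum { TOY_OK = 0, TOY_DOUBLE_FREE = -1 };
static void *obj_a[2], *obj_b[2];   /* backing storage for two objects */

/* Push object on the freelist; reject a next pointer equal to the object. */
static int toy_free(struct toy_cache *c, void *object)
{
    void *fp = c->freelist;
    if (object == fp)               /* same condition the patch asserts on */
        return TOY_DOUBLE_FREE;
    *(void **)object = fp;
    c->freelist = object;
    return TOY_OK;
}

static void *toy_alloc(struct toy_cache *c)
{
    void *object = c->freelist;
    if (object)
        c->freelist = *(void **)object;
    return object;
}

/* free(a); free(a): a is already the list head, so the check fires. */
static int demo_back_to_back(void)
{
    struct toy_cache c = { 0 };
    toy_free(&c, obj_a);
    return toy_free(&c, obj_a);
}

/* free(a); free(b); free(a): the head is b, so the check stays silent and
 * the list becomes a -> b -> a. Returns 1 if a is then handed out twice. */
static int demo_interleaved(void)
{
    struct toy_cache c = { 0 };
    toy_free(&c, obj_a);
    toy_free(&c, obj_b);
    int missed = (toy_free(&c, obj_a) == TOY_OK);
    void *first = toy_alloc(&c), *second = toy_alloc(&c), *third = toy_alloc(&c);
    return missed && second == (void *)obj_b && first == third;
}

int main(void)
{
    return printf("%d %d\n", demo_back_to_back(), demo_interleaved()) < 0;
}
```
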