Date: Fri, 19 Feb 2016 15:11:03 -0500
From: Rich Felker <dalias@...c.org>
To: oss-security@...ts.openwall.com
Subject: Re: Address Sanitizer local root

On Wed, Feb 17, 2016 at 10:03:59PM -0500, Daniel Micay wrote:
> On Wed, 2016-02-17 at 17:24 -0800, Konstantin Serebryany wrote:
> > Sadly MPX is too slow, too memory-hungry, and does not protect from
> > use-after-free at all.
>
> MPX is definitely problematic (performance, memory usage, false
> positives with some atomic data structures, false positives without
> using it everywhere - essentially a new ABI) but I don't think the lack
> of coverage for lifetime issues is a major issue.
>
> The malloc implementation can do a good job at mitigating lifetime
> issues though. It can't detect 100% of UAF issues, but it can force
> usage of pointers to fault (via proper junk filling) and detect write
> after free via a comparable quarantine technique + validating that the
> junk data is unaltered when allocations leave the quarantine. It can be
> just as good at detecting double-free.
>
> See the follow-up email:
>
> http://www.openwall.com/lists/oss-security/2016/02/18/3
>
> It's extremely painful to actually debug the aborts and faults produced
> from this kind of hardening, so it doesn't really displace ASan at all
> even for the bits where it can be as reliable, and it doesn't cover the
> read-after-free case in the same way.

As long as the aborts/faults happen at the earliest point where the
wrong program behavior can be detected, I see no way they are "more
painful to debug" than having ASan or similar introspectively print
crash info. Attaching a debugger should get you equally useful
information.

Rich
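
Added example (not part of the original message, and not code from any allocator discussed in the thread): an illustration in C of the quarantine technique described in the quoted text, with junk fill on free, a check that the junk is unaltered when a chunk leaves quarantine, and double-free detection while a chunk is still quarantined. The names q_free and q_flush, the fill byte and the quarantine depth are assumptions; a real allocator would abort at the point of detection instead of returning a status.

```c
#include <stdlib.h>
#include <string.h>
#define JUNK   0xDE   /* constructed fill byte */
#define QSLOTS 4      /* quarantine depth, chosen for the demo */

enum q_status { Q_OK, Q_DOUBLE_FREE, Q_WRITE_AFTER_FREE };
struct chunk { unsigned char *p; size_t n; };
static struct chunk quar[QSLOTS];   /* FIFO ring of freed chunks */
static size_t q_head, q_count;

/* Chunk leaves quarantine: verify the junk is unaltered, then release it. */
static enum q_status evict(void) {
    struct chunk c = quar[q_head];
    enum q_status st = Q_OK;
    for (size_t i = 0; i < c.n; i++)
        if (c.p[i] != JUNK) { st = Q_WRITE_AFTER_FREE; break; }
    q_head = (q_head + 1) % QSLOTS;
    q_count--;
    free(c.p);
    return st;
}

/* Hypothetical hardened free(); the size is passed in because this example
 * keeps no heap metadata. A real allocator would abort, not return. */
enum q_status q_free(void *p, size_t n) {
    enum q_status st = Q_OK;
    for (size_t i = 0; i < q_count; i++)      /* still quarantined? */
        if (quar[(q_head + i) % QSLOTS].p == p) return Q_DOUBLE_FREE;
    if (q_count == QSLOTS) st = evict();      /* make room, oldest first */
    memset(p, JUNK, n);                       /* stale reads now see junk */
    quar[(q_head + q_count) % QSLOTS] = (struct chunk){ p, n };
    q_count++;
    return st;
}

/* Drain the quarantine, reporting any chunk whose junk was modified. */
enum q_status q_flush(void) {
    enum q_status st = Q_OK;
    while (q_count) if (evict() != Q_OK) st = Q_WRITE_AFTER_FREE;
    return st;
}

int main(void) {
    char *a = malloc(32);
    if (!a) return 1;
    q_free(a, 32);
    int dbl = (q_free(a, 32) == Q_DOUBLE_FREE);
    a[3] = 'X';   /* constructed stale write; quarantine still owns the chunk */
    return !(dbl && q_flush() == Q_WRITE_AFTER_FREE);   /* 0 = both caught */
}
```

The stale write is only noticed when the chunk is evicted, not when it happens, and a double free is only caught while the chunk is still in the ring.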