Date: Sun, 13 Mar 2011 09:28:39 -0700 From: Kees Cook <kees@...ntu.com> To: oss-security@...ts.openwall.com Subject: Re: announcing libwipe On Sat, Mar 12, 2011 at 01:29:13AM -0500, Andrew Clausen wrote: > to the original programs. To use it for all programs in a single shell > session, set the LD_PRELOAD environment variable with the shell command > > export LD_PRELOAD=/usr/local/lib/libwipe.so > > To use it system-wide, add /usr/local/lib/libwipe.so to the /etc/ld.so.preload > configure file. > > The program uses two mechanisms: > (1) when memory is deallocated with free(3), it is zeroed out. > (2) when the process terminates, the entire memory is zeroed out. Cool, thanks for the announcement. #1 can also be done using glibc's $MALLOC_PERTURB_ environment variable (it initializes memory with new() to its value, and then fills memory with the inverse on free(). For example, "export MALLOC_PERTURB_=85" will get you an alternating bit pattern. Feature #2, however, is not handled by MALLOC_PERTURB_, and there isn't a particularly good way I've found to set MALLOC_PERTURB_ globally, unlike the /etc/ld.so.preload example for libwipe. If libwipe grew similar bit-pattern handling for new(), it could be used for similar purposes (trying to ferret out use-after-free or use-before-init bugs in general). Thanks, -Kees -- Kees Cook Ubuntu Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.