[PATCH][WIP] Make exploiting talloc harder by using a random talloc_magic
abartlet at samba.org
Wed Oct 16 19:34:14 MDT 2013
This patch is inspired by the exploit in
and is an idea to see if we can make it harder to exploit talloc.
The re-order is designed to put the flags earlier into the talloc_chunk,
where they would have to be overwritten.
The only downsides I see so far are:
- startup needs to select a better random number
- we lose the magic 'different talloc version' detection, it will just
abort with wrong magic. However library .so names and symbol versions
will probably avoid this, now we always build with waf.
- presumably the compiler would have been able to optimise the previous
talloc version check
What do folks think, and can I get some help to prove it would disrupt
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5773 bytes
Desc: not available
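The flags-first layout with a per-process random magic that the mail proposes, as an added C sketch that is neither the attached patch nor talloc's own code; chunk_hdr, init_magic, hdr_init, hdr_check, overwrite_is_detected and the flag/magic masks are assumed names:

```c
/* Added illustration, not the Samba patch: a talloc_chunk-like header whose
   flags word carries a per-process random magic. All names are hypothetical. */
#include <stdint.h>
#include <string.h>
#define FLAG_MASK  0xFu           /* low bits: chunk flags (hypothetical) */
#define MAGIC_MASK (~FLAG_MASK)   /* remaining bits: random magic */

/* Flags word placed first, as the patch proposes, so a linear overwrite
   running into this header clobbers the magic before any pointer. */
struct chunk_hdr {
    uint32_t flags;               /* random magic | chunk flags */
    uint32_t size;
    struct chunk_hdr *next, *prev, *parent;
};

static uint32_t g_magic;          /* per-process, unknown to an attacker */
/* Select the magic once at startup. The caller supplies the entropy; a real
   implementation would draw it from the OS CSPRNG (e.g. getrandom()). */
void init_magic(uint32_t entropy)
{
    g_magic = entropy & MAGIC_MASK;
    if (g_magic == 0)             /* never let an all-zero header pass */
        g_magic = 0x10u;
}

void hdr_init(struct chunk_hdr *h, uint32_t size, uint32_t flags)
{
    memset(h, 0, sizeof(*h));
    h->flags = g_magic | (flags & FLAG_MASK);
    h->size = size;
}

/* 1 if the header still carries this process's magic; talloc would
   talloc_abort() on a mismatch instead of returning 0. */
int hdr_check(const struct chunk_hdr *h)
{
    return (h->flags & MAGIC_MASK) == g_magic;
}

/* Constructed overflow: foreign bytes spill over the header. A fixed magic
   could be reproduced by whatever wrote them; a random one is not known to
   the writer, so the check fails. Returns 1 when the corruption is detected. */
int overwrite_is_detected(void)
{
    struct chunk_hdr h;
    hdr_init(&h, 64, 1);
    int ok_before = hdr_check(&h);
    memset(&h, 0x41, sizeof(h));
    return ok_before && !hdr_check(&h);
}
```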