[PATCH][WIP] Make exploiting talloc harder by using a random talloc_magic

Andrew Bartlett abartlet at samba.org
Sat Jan 18 02:43:02 MST 2014

On Sat, 2014-01-18 at 10:03 +0100, Stefan (metze) Metzmacher wrote:
> Am 17.10.2013 23:36, schrieb Andrew Bartlett:
> > On Thu, 2013-10-17 at 15:05 -0400, Simo wrote:
> > 
> >> In that case everything will break immediately anyway, having 2 copies
> >> of talloc in the same process is just wrong, so I do not see a *real*
> >> problem. It make no sense to cater for broken binaries.
> > 
> > We are in violent agreement. 
> Should we continue to bring a version of this patch upstream?

I would like to.  The only issue I had was how to get the random number
without major impact on the system or on the library loading, and
perhaps some rework to ensure the branch for the init code is present in
as few cases as possible. 


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list