size requirements and keeping entropy in the talloc_magic

Andrew Bartlett abartlet at
Thu Oct 22 19:54:32 UTC 2020

On Thu, 2020-10-22 at 12:02 -0500, Arran Cudbard-Bell via samba-technical wrote:
> Is there any real issue with only having 24bits of magic if 32bit
> size fields were implemented?

Our talloc magic provides some important security properties, which are
decreased by half for every bit lost.

That is, we have in the past had attacks on our talloc
destructor functionality by forging a talloc header.  I changed our
talloc header to be a per-exec random number for this reason, to make
it much harder to forge a talloc chunk.

If we reduce that too much, we lose the protection.

Everything is a trade-off naturally, I just want to be clear what the
reasoning here is for keeping it as long as possible.

Andrew Bartlett

Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT 
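
A simplified model of the header check discussed in the message above, added here as an illustration; it is not code from talloc or from this thread. The header layout, the function names and the sample random word are assumptions. It validates a per-exec magic before a stored destructor is trusted, and shows how narrowing the magic weakens that check.

```c
#include <stdint.h>
#include <stddef.h>

/* Simplified chunk header; layout and names are assumptions, not talloc's. */
struct chunk_hdr {
    uint32_t magic;               /* must match the per-exec secret */
    uint32_t size;
    int (*destructor)(void *ptr); /* callback a forged header would aim at */
};

static uint32_t exec_magic;       /* chosen once at process start */
static uint32_t exec_mask;        /* bits of the field that carry magic */
static int destructor_calls;      /* lets a caller observe destructor runs */

/* Keep only `bits` bits of magic, as if the rest of the word were reused. */
void magic_init(uint32_t random_word, unsigned bits)
{
    exec_mask = (bits >= 32) ? 0xFFFFFFFFu : ((1u << bits) - 1u);
    exec_magic = random_word & exec_mask;
}

void chunk_init(struct chunk_hdr *c, uint32_t size, int (*d)(void *))
{
    c->magic = exec_magic;
    c->size = size;
    c->destructor = d;
}

/* Validate the header before trusting any pointer stored in it. */
int chunk_free(struct chunk_hdr *c)
{
    if ((c->magic & exec_mask) != exec_magic)
        return -1;                /* forged or corrupt; a real allocator would abort */
    if (c->destructor != NULL)
        return c->destructor(c + 1);
    return 0;
}

int count_destructor(void *ptr) { (void)ptr; destructor_calls++; return 0; }

/* Chance that one blind guess at the magic passes the check: 2^-bits. */
double forge_chance(unsigned bits)
{
    double p = 1.0;
    while (bits-- > 0)
        p /= 2.0;
    return p;
}
```

In production the random word would come from the operating system's CSPRNG at startup; it is passed in here so the behaviour is reproducible.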
