misc/124410: malloc exposes previously free'd memory

rene.schickbauer at magnapowertrain.com rene.schickbauer at magnapowertrain.com
Mon Jun 9 09:40:06 UTC 2008

The following reply was made to PR misc/124410; it has been noted by GNATS.

From: rene.schickbauer at magnapowertrain.com
To: bug-followup at FreeBSD.org, rene.schickbauer at magnapowertrain.com
Subject: Re: misc/124410: malloc exposes previously free'd memory
Date: Mon, 9 Jun 2008 11:08:13 +0200

 I forgot to mention:
 Yes, i know, there is an option for malloc() to automatically initialize
 memory to "0".
 But this is doesn't look like it's enough:
 For one thing, it looks like the user may override global setting (is
 unsetting an option possible?). According to the man-page, the memset() (if
 option is set) is done in malloc() instead directly in the kernel, and
 realloc() and reallocf() are not covered at all.
 Also, free()ing memory should wipe it for security reasons, for example it
 may help against the "RAM freezing hacks", in cases where the application
 has already free()'d but not malloc()'d security relevant data; see also

More information about the freebsd-bugs mailing list