Password theft from memory?

RW rwmaillists at googlemail.com
Wed Apr 27 23:10:20 UTC 2011


On Wed, 27 Apr 2011 06:14:02 -0400
Bob Hall <rjhjr0 at gmail.com> wrote:


> malloc() uses either sbrk or mmap to extend the heap. As far as I
> know, sbrk extends the heap with zero filled memory. According to the
> man page, mmap extends it either with remapped data, or with remapped
> data plus additional zero filled memory. 

The man page doesn't mean what you think it means. It's a lot clearer
here: 

    http://pubs.opengroup.org/onlinepubs/007908799/xsh/mmap.html


   "The system always zero-fills any partial page at the end of an
   object. Further, the system never writes out any modified portions of
   the last page of an object that are beyond its end. References
   within the address range starting at pa and continuing for len bytes
   to whole pages following the end of an object result in delivery of
   a SIGBUS signal."


I'm not saying that anonymous mappings used by malloc aren't
zero-filled, just that it's not mentioned anywhere in the mmap man
page. I think it's just taken as read.
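An added example, not part of the original message: a C check of both cases discussed above, the zero-filled tail of a file-backed partial page from the quoted text and whether a fresh anonymous mapping comes back zero-filled after an earlier one held data. The function names, the scratch file path under /tmp, the 100-byte file size and the fill bytes are assumptions made for the illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* glibc: expose MAP_ANON and mkstemp */
#endif
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Count non-zero bytes in p[from..to). */
static long nonzero(const unsigned char *p, size_t from, size_t to) {
    long n = 0;
    for (size_t i = from; i < to; i++) n += (p[i] != 0);
    return n;
}

/* File-backed case: map one page over a 100-byte file, count non-zero bytes past its end. */
long file_tail_nonzero(void) {
    char path[] = "/tmp/mmap_tail_XXXXXX";   /* constructed scratch file */
    unsigned char fill[100];
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                             /* file vanishes once closed */
    memset(fill, 0xAA, sizeof fill);
    if (write(fd, fill, sizeof fill) != (ssize_t)sizeof fill) { close(fd); return -1; }
    unsigned char *p = mmap(NULL, page, PROT_READ, MAP_PRIVATE, fd, 0);
    close(fd);
    if (p == MAP_FAILED) return -1;
    long n = nonzero(p, sizeof fill, page);   /* bytes 100..page-1 */
    munmap(p, page);
    return n;
}

/* Anonymous case: fill a mapping with constructed "secret" bytes, unmap, map again, count. */
long anon_remap_nonzero(void) {
    size_t len = 4 * (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
    if (p == MAP_FAILED) return -1;
    memset(p, 'S', len);
    munmap(p, len);
    p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
    if (p == MAP_FAILED) return -1;
    long n = nonzero(p, 0, len);
    munmap(p, len);
    return n;
}

/* Exit status 0 means both checks found only zero bytes. */
int main(void) { return file_tail_nonzero() != 0 || anon_remap_nonzero() != 0; }
```

The result describes the kernel it runs on; it is an observation of behaviour, not a statement about what any man page documents.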


More information about the freebsd-questions mailing list