De Raadt + FBSD + OpenSSH + hole?
Jamie Landeg-Jones
jamie at dyslexicfish.net
Mon Apr 21 02:19:07 UTC 2014
RW <rwmaillists at googlemail.com> wrote:
> It can return the physical memory, but there are a couple of caveats.
> Firstly, it can only return whole pages. Secondly, it's not returned
> instantaneously to avoid the overhead of page-faults and zeroing pages
> if that region is remalloced. It's left to the page-daemon to recover
> the physical memory in its own time, and it remains readable by it's
> previous process until it's reassigned.
Again, thanks for clearing that up for me. I wasn't all that far
off-base after all, but yours and Nathans replies make sense!
So there is a real world use for calloc after all! (though only as
a bug catching security measure - no sane program should ever read
its memory it hasn't yet written to!)
cheers, jamie
More information about the freebsd-security
mailing list