Password theft from memory?
Bob Hall
rjhjr0 at gmail.com
Mon Apr 25 17:54:25 UTC 2011
On Mon, Apr 25, 2011 at 05:46:33PM +0200, C. P. Ghost wrote:
> On Mon, Apr 25, 2011 at 5:15 PM, Bob Hall <rjhjr0 at gmail.com> wrote:
> > On Mon, Apr 25, 2011 at 03:18:46PM +0100, RW wrote:
> >> I don't believe the heap is allocated zeroed pages. The kernel
> >> does allocate such pages to the BSS segment, but that's because it
> >> holds zeroed data such as C static variables.
> >
> > According to McKusick and Neville-Neil's book on FreeBSD, sbrk extends
> > the uninitialized data segment with zero-filled pages. Since malloc() is
> > an interface to sbrk, it does the same thing.
>
> True, except that malloc(3) now uses both sbrk(2) and mmap(2) allocators,
> depending on the user-settable flags in /etc/malloc.conf, MALLOC_OPTIONS
> and the global variable _malloc_options. So you have to look into mmap(2)
> too.
Good point. From the man page:
"Any such extension beyond the end of the mapped object will be zero-filled."
and
"A successful mmap deletes any previous mapping in the allocated address range."
More information about the freebsd-questions
mailing list