From owner-freebsd-hackers@FreeBSD.ORG Mon Jun 13 21:33:57 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9424316A41C for ; Mon, 13 Jun 2005 21:33:57 +0000 (GMT) (envelope-from mhunter@malcolm.berkeley.edu) Received: from malcolm.berkeley.edu (malcolm.Berkeley.EDU [128.32.206.239]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4615243D1F for ; Mon, 13 Jun 2005 21:33:57 +0000 (GMT) (envelope-from mhunter@malcolm.berkeley.edu) Received: from malcolm.berkeley.edu (localhost [127.0.0.1]) by malcolm.berkeley.edu (8.13.3/8.13.3) with ESMTP id j5DLXtOM079553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 13 Jun 2005 14:33:55 -0700 (PDT) (envelope-from mhunter@malcolm.berkeley.edu) Received: (from mhunter@localhost) by malcolm.berkeley.edu (8.13.3/8.13.3/Submit) id j5DLXtfm079552; Mon, 13 Jun 2005 14:33:55 -0700 (PDT) (envelope-from mhunter) Date: Mon, 13 Jun 2005 14:33:55 -0700 From: Mike Hunter To: Dag-Erling =?unknown-8bit?Q?Sm=F8rgrav?= , freebsd-hackers@freebsd.org Message-ID: <20050613213354.GA78702@malcolm.berkeley.edu> References: <20050610224058.GA11336@malcolm.berkeley.edu> <86vf4lb110.fsf@xps.des.no> <20050613193150.GA75218@malcolm.berkeley.edu> <20050613195026.GA90010@falcon.midgard.homeip.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050613195026.GA90010@falcon.midgard.homeip.net> User-Agent: Mutt/1.5.6i X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (malcolm.berkeley.edu [127.0.0.1]); Mon, 13 Jun 2005 14:33:55 -0700 (PDT) Cc: Subject: Re: unitialized memory is all zeros...why not garbage instead? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jun 2005 21:33:57 -0000 On Jun 13, "Erik Trulsson" wrote: > > Is the pre-zeroing of malloc'd memory documented somewhere? By my reading > > of the malloc manapge... > > > > The calloc() function allocates space for number objects, each size > > bytes in length. The result is identical to calling malloc() with an > > argument of ``number * size'', with the exception that the allocated > > memory is explicitly initialized to zero bytes. > > > > ...it seems like it's saying that malloc (as opposed to calloc) is NOT > > pre-zeroed. Is there a different document I should be reading? > > Note that this pre-zeroing is not done by malloc, but is done by the > kernel before it hands over memory to a process. Memory is not necessarily > returned to the system when free() is called, but is often retained > within the process and reused by the next malloc(). > > > This means that if you have a sequence like the following: > > foo=malloc(1234); > bar=malloc(1234); > /* do something that fills the memory that foo points to with garbage > */ > free(foo); > baz=malloc(1234); > > Then there is no guarantees whatsoever that baz will not point to > garbage. The memory that malloc() returns in the third call to > malloc() will most likely be the same as that previously pointed to by > foo and will still be filled with garbage. > > If your program needs zeroed memory you should use calloc() or do the > zeroing yourself - malloc doesn't do it. > > What is guaranteed is that any garbage in the memory returned by > malloc() will have been created by the same process, so that > information is not leaked from another process in this way. > > In short memory from malloc() may or may not be pre-zeroed, but it is > not a security problem in either case. I got it. Thanks! This all stemmed from a discussion I was having with a coworker about vmware. I wondered aloud if information might leak from one VM to another via malloc. Whatever the answer is to that question (it's a linux VM server), I can now say I understand how FreeBSD behaves. Thanks again! Mike