From owner-freebsd-security@FreeBSD.ORG Wed Jul 27 13:03:01 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5D87F106566B for ; Wed, 27 Jul 2011 13:03:01 +0000 (UTC) (envelope-from sean@gothic.net.au) Received: from hosted.gothic.net.au (eth1539.vic.adsl.internode.on.net [150.101.217.2]) by mx1.freebsd.org (Postfix) with ESMTP id 0D1B38FC15 for ; Wed, 27 Jul 2011 13:03:00 +0000 (UTC) Received: from hosted.gothic.net.au (localhost [127.0.0.1]) by hosted.gothic.net.au (Postfix) with ESMTP id 8EF4B8DF427; Wed, 27 Jul 2011 22:44:56 +1000 (EST) X-Virus-Scanned: amavisd-new at gothic.net.au Received: from hosted.gothic.net.au ([127.0.0.1]) by hosted.gothic.net.au (hosted.gothic.net.au [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JT5Ro1Ho1aGT; Wed, 27 Jul 2011 22:44:46 +1000 (EST) Received: from samael.gothic.net.au (eth1540.vic.adsl.internode.on.net [150.101.217.3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: sean@gothic.net.au) by hosted.gothic.net.au (Postfix) with ESMTPSA id A60ED8DF425; Wed, 27 Jul 2011 22:44:46 +1000 (EST) Mime-Version: 1.0 (Apple Message framework v1244.3) Content-Type: text/plain; charset=us-ascii From: Sean In-Reply-To: Date: Wed, 27 Jul 2011 22:44:45 +1000 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: grarpamp X-Mailer: Apple Mail (2.1244.3) Cc: freebsd-security@freebsd.org Subject: Re: Malloc -Z X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jul 2011 13:03:01 -0000 On 27/07/2011, at 4:49 PM, grarpamp wrote: > Was reading malloc(3) while chasing corruption suspects. > Does the presence of -Z imply that without it, programs > can be allocated dirty (non-zeroed) memory? > If so, it seems running with -Z would be prudent if one cares. > Therefore, what is the rough percent performance > impact of -Z compared to default malloc? >=20 malloc(3) has never provided zeroed memory. If you need zeroed memory in = C, you either need to zero it yourself using memset(3), or use = calloc(3). It's been part of the language standard for over 20 years now, and is = the same in that regard on every platform that provides malloc(3). What would be prudent as a developer (and is the default in CURRENT I = believe) is to use J - it enforces the "memory from malloc(3) is not = guaranteed to be zeroed." by specifically setting it to non-zero. > Bonus: > What would be needed to make the useful streams: > /dev/one > /dev/10 > /dev/01 > In addition to /dev/zero. > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to = "freebsd-security-unsubscribe@freebsd.org"