Site Navigation

Date:      Mon, 1 Jun 2015 16:50:50 +0000
From:      "Gumpula, Suresh" <Suresh.Gumpula@netapp.com>
To:        "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>
Subject:   Re: Use after free check for all private zones too
Message-ID:  <D19203B6.3975C%gsuresh@netapp.com>
In-Reply-To: <D16D1B68.377D6%gsuresh@netapp.com>
References:  <D16D1B68.377D6%gsuresh@netapp.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--_002_D19203B63975Cgsureshnetappcom_
Content-Type: text/plain; charset="us-ascii"
Content-ID: <17DE2A073DA2BD4CB2583EE0D741C3BC@hq.netapp.com>
Content-Transfer-Encoding: quoted-printable

Hi,
  I have attached the diff.  Can somebody please review and commit this ?



Thanks
Suresh


On 5/4/15, 12:49 PM, "Gumpula, Suresh" <Suresh.Gumpula@netapp.com> wrote:

>Hi ,
>     Currently use after free check is available for  power of 2 malloc
>zones ( mt_rash_ctor/ m_trash_dotr ) which writes uma_junk(0xdeadc0de) on
>freed memory and
>validates on reusing the object for others .
>   Similary we( NETAPP)  have added a check for all  other private zones
>too with  trash_ctor/ trash_dtor .    We pass the trash_ctor/trash_dtor
>to uma_zcreate(9) if  it is called with NULL for constructor/destructor.
>This change uncovered the couple of bugs inernally.  One  of this is in
>tcp timer bug
>https://svnweb.freebsd.org/base?view=3Drevision&revision=3D281599
>
>Its a useful check and uncovers use after free bugs .  Would like to push
>this change .  Any comments/suggestions  please ?
>
>Thanks
>Suresh
>
>
>
>_______________________________________________
>freebsd-hackers@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"


--_002_D19203B63975Cgsureshnetappcom_
Content-Type: application/octet-stream; name="patch.patch"
Content-Description: patch.patch
Content-Disposition: attachment; filename="patch.patch"; size=1446;
	creation-date="Mon, 01 Jun 2015 16:50:49 GMT";
	modification-date="Mon, 01 Jun 2015 16:50:49 GMT"
Content-ID: <65EE2E0E69E38741ABDC01EE474295E6@hq.netapp.com>
Content-Transfer-Encoding: base64

ZGlmZiAtdXJOIGhlYWQvc3lzL3ZtL3VtYV9jb3JlLmMgem9uZV9jcHVfY2FjaGUvc3lzL3ZtL3Vt
YV9jb3JlLmMKLS0tIGhlYWQvc3lzL3ZtL3VtYV9jb3JlLmMJMjAxNC0xMS0xMyAyMDozNjo0NS4w
MTE0MDYwMDAgLTA1MDAKKysrIHpvbmVfY3B1X2NhY2hlL3N5cy92bS91bWFfY29yZS5jCTIwMTUt
MDUtMjEgMTA6MzM6NDEuMjM5NTY4MDAwIC0wNDAwCkBAIC0xOTM5LDYgKzE5MzksMTcgQEAKIAlh
cmdzLmR0b3IgPSBkdG9yOwogCWFyZ3MudW1pbml0ID0gdW1pbml0OwogCWFyZ3MuZmluaSA9IGZp
bmk7CisjaWZkZWYgIElOVkFSSUFOVFMKKyAgICAgICAgLypJZiBhIHpvbmUgaXMgYmVpbmcgY3Jl
YXRlZCB3aXRoIGFuIGVtcHR5IGNvbnN0cnVjdG9yIGFuZCBkZXN0cnVjdG9yICwgcGFzcyBVTUEg
Y29uc3RydWN0b3IvZGVzdHJ1Y3RvcgorICAgICAgICAgIHdoaWNoIGNoZWNrIGZvciB1c2UgYWZ0
ZXIgZnJlZSBvZiBtZW1vcnkKKyAgICAgICAgICAqLworICAgICAgICBpZiAoKCEoZmxhZ3MgJiBV
TUFfWk9ORV9aSU5JVCkpICYmIGN0b3IgPT0gTlVMTCAmJiBkdG9yID09IE5VTEwgJiYgdW1pbml0
ID09IE5VTEwgJiYgZmluaSA9PSBOVUxMKSB7CisgICAgICAgICAgICAgICAgYXJncy5jdG9yID0g
dHJhc2hfY3RvcjsKKyAgICAgICAgICAgICAgICBhcmdzLmR0b3IgPSB0cmFzaF9kdG9yOworICAg
ICAgICAgICAgICAgIGFyZ3MudW1pbml0ID0gdHJhc2hfaW5pdDsKKyAgICAgICAgICAgICAgICBh
cmdzLmZpbmkgPSB0cmFzaF9maW5pOworICAgICAgICB9CisjZW5kaWYKIAlhcmdzLmFsaWduID0g
YWxpZ247CiAJYXJncy5mbGFncyA9IGZsYWdzOwogCWFyZ3Mua2VnID0gTlVMTDsKZGlmZiAtdXJO
IGhlYWQvc3lzL3ZtL3VtYV9kYmcuYyB6b25lX2NwdV9jYWNoZS9zeXMvdm0vdW1hX2RiZy5jCi0t
LSBoZWFkL3N5cy92bS91bWFfZGJnLmMJMjAxNC0xMS0xMyAyMDozNjo0NC44MTQ0MDAwMDAgLTA1
MDAKKysrIHpvbmVfY3B1X2NhY2hlL3N5cy92bS91bWFfZGJnLmMJMjAxNS0wNS0yMSAxMDozNjow
NC44NTg0NjgwMDAgLTA0MDAKQEAgLTY5LDggKzY5LDExIEBACiAKIAlmb3IgKHAgPSBtZW07IGNu
dCA+IDA7IGNudC0tLCBwKyspCiAJCWlmICgqcCAhPSB1bWFfanVuaykgewotCQkJcHJpbnRmKCJN
ZW1vcnkgbW9kaWZpZWQgYWZ0ZXIgZnJlZSAlcCglZCkgdmFsPSV4IEAgJXBcbiIsCi0JCQkgICAg
bWVtLCBzaXplLCAqcCwgcCk7CisjaWZkZWYgSU5WQVJJQU5UUworCQkJcGFuaWMoIk1lbW9yeSBt
b2RpZmllZCBhZnRlciBmcmVlICVwKCVkKSB2YWw9JXggQCAlcFxuIiwgbWVtLCBzaXplLCAqcCwg
cCk7CisjZWxzZQorCQkJcHJpbnRmKCJNZW1vcnkgbW9kaWZpZWQgYWZ0ZXIgZnJlZSAlcCglZCkg
dmFsPSV4IEAgJXBcbiIsIG1lbSwgc2l6ZSwgKnAsIHApOworI2VuZGlmCiAJCQlyZXR1cm4gKDAp
OwogCQl9CiAJcmV0dXJuICgwKTsK

--_002_D19203B63975Cgsureshnetappcom_--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D19203B6.3975C%gsuresh>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact