From owner-freebsd-security@FreeBSD.ORG Tue Jun 20 19:19:06 2006 Return-Path: X-Original-To: freebsd-security@FreeBSD.org Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D448616A479; Tue, 20 Jun 2006 19:19:06 +0000 (UTC) (envelope-from dan@obluda.cz) Received: from smtp1.kolej.mff.cuni.cz (smtp1.kolej.mff.cuni.cz [195.113.24.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AB0243D48; Tue, 20 Jun 2006 19:19:05 +0000 (GMT) (envelope-from dan@obluda.cz) X-Envelope-From: dan@obluda.cz Received: from [10.20.0.26] (openvpn.ms.mff.cuni.cz [195.113.20.87]) by smtp1.kolej.mff.cuni.cz (8.13.1/8.13.1) with ESMTP id k5KJJO7H095699; Tue, 20 Jun 2006 21:19:26 +0200 (CEST) (envelope-from dan@obluda.cz) Message-ID: <44984A25.8060001@obluda.cz> Date: Tue, 20 Jun 2006 21:19:01 +0200 From: Dan Lukes User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.0.4) Gecko/20060605 SeaMonkey/1.0.2 MIME-Version: 1.0 To: Jason Evans References: <20060618203903.31161.qmail@web30306.mail.mud.yahoo.com> <44967861.6070509@obluda.cz> <20060620125350.10d0c9ef.nick@nickwithers.com> <44980ECC.5000607@obluda.cz> <20060620170353.GB90842@gothmog.pc> <449833DD.70904@FreeBSD.org> In-Reply-To: <449833DD.70904@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, Giorgos Keramidas Subject: Re: memory pages nulling when releasing X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2006 19:19:06 -0000 Jason Evans napsal/wrote, On 06/20/06 19:43: >>> BTW, Z nor J doesn't imply 'R' despite of text of manual page. > The man page looks accurate to me. What aspect of the descriptions of > 'J' and 'Z' do you think is incorrect? From manual page: ======================= J ... This options also sets the ``R'' option. ... Z This option implicitly sets the ``J'' and ``R'' options, ======================= From libc/stdlib/malloc.c (the lines containing malloc_realloc + some lines around) ======================= static int malloc_realloc; ... case 'r': malloc_realloc = 0; break; case 'R': malloc_realloc = 1; break; case 'j': malloc_junk = 0; break; ... if (!malloc_realloc && /* Unless we have to, */ size <= osize && /* .. or are too small, ... if (!malloc_realloc && /* Unless we have to, */ size <= osize && /* ..or are too small, */ ======================= The malloc_realloc seems to be set on one place only - when R/r present. Then it is used only. I see no dependency to J nor Z I send no PR because I have submitted several more important PR's which are untouched for months. I don't want to overload committers nor PR database. Dan -- Dan Lukes SISAL MFF UK AKA: dan@obluda.cz, dan@freebsd.cz,dan@kolej.mff.cuni.cz