Date: Tue, 12 Mar 2002 09:29:52 +0100 From: Miguel Mendez <flynn@energyhq.homeip.net> To: Alan Eldridge <alane@geeksrus.net> Cc: FreeBSD Ports List <ports@freebsd.org> Subject: Re: Only linux-emulation-based ports are affected by zlib advisory. Message-ID: <20020312092952.A13616@energyhq.homeip.net> In-Reply-To: <20020312002905.GB862@wwweasel.geeksrus.net>; from alane@geeksrus.net on Mon, Mar 11, 2002 at 07:29:05PM -0500 References: <20020312002905.GB862@wwweasel.geeksrus.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--xHFwDpU9dbj6ez1V
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Mar 11, 2002 at 07:29:05PM -0500, Alan Eldridge wrote:
> I just got a clarification on the stable list I'll pass along:
>=20
> Paraphrasing:
>=20
> Only those ports which run under linux-emulation are possibly vulnerable.
> Native ports are *not* vulnerable due to a difference in the way our mall=
oc(3)
> is implemented.
In fact not even those. Stallman/libc reads an env var that determines
it's behaviour.
Per man page:
Recent versions of Linux libc (later than 5.4.23) and GNU libc (2.x)
include a malloc implementation which is tun=ADable via environment
variables. When MALLOC_CHECK_ is set, a special (less efficient)
implementation is used which is designed to be tolerant against simple
errors, such as double calls of free() with the same argument, or
overruns of a single byte (off-by-one bugs). Not all such errors can be
proteced against, however, and memory leaks can result. If
MALLOC_CHECK_ is set to 0, any detected heap corruption is silently
ignored; if set to 1, a diag=ADnostic is printed on stderr; if set to 2,
abort() is called immediately. This can be useful because otherwise a
crash may happen much later, and the true cause for the problem is then
very hard to track down.=20
=20
Cheers,
--=20
Miguel Mendez - flynn@energyhq.homeip.net
GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt
EnergyHQ :: http://www.energyhq.tk
FreeBSD - The power to serve!
--xHFwDpU9dbj6ez1V
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE8jbx/nLctrNyFFPERApJYAJ49zDwt6eX+Ny6Bk2TEcTZ7cdiu8gCgmm5b
I+yRNRYPMwKlmX9WdoJe5GQ=
=KVXV
-----END PGP SIGNATURE-----
--xHFwDpU9dbj6ez1V--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020312092952.A13616>