[PATCH] D20084: [sanitizer] Initial implementation of a Hardened Allocator

Kostya Kortchinsky via llvm-commits llvm-commits at lists.llvm.org
Tue May 31 08:55:53 PDT 2016


cryptoad added a comment.

In http://reviews.llvm.org/D20084#444017, @dvyukov wrote:

> But that would mean that an attacker broke ASLR and can write arbitrary values at necessary memory locations. Does it still make sense to defend in such case?


That is correct. I think it is still worth it to not take the chance.
Previous work on other heaps has leveraged such features, given the same assumptions (for example the commit function pointer in the Windows Heap https://www.blackhat.com/presentations/bh-usa-09/MCDONALD/BHUSA09-McDonald-WindowsHeap-PAPER.pdf).
I think it's particularly important to make sure that the failure path fails fast and ideally without the possibility of interruption (like __fastfail http://www.alex-ionescu.com/?p=69).


http://reviews.llvm.org/D20084
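
The fail-fast point in the comment above, shown on POSIX as an added example (not code from the patch or from the allocator under review): a failure path that goes through `abort()` can be diverted by an installed `SIGABRT` handler, while one that ends in `SIGKILL` cannot. The function names are hypothetical, and using `SIGKILL` as the uninterruptible path is this example's assumption.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stands in for a handler that was interposed or corrupted before the
 * allocator noticed the problem: it swallows the failure and exits cleanly. */
static void hijacked_handler(int sig) {
    (void)sig;
    _exit(0);
}

/* Interruptible failure path: abort() raises SIGABRT, and any installed
 * handler runs before the process is terminated. */
static void die_interruptible(void) {
    abort();
}

/* Fail-fast path: SIGKILL cannot be caught, blocked or ignored, so no
 * user-space handler runs. __builtin_trap() is a backstop if kill() fails. */
static void die_fail_fast(void) {
    kill(getpid(), SIGKILL);
    __builtin_trap();
}

/* Runs one failure path in a child that has the hijacked handler installed.
 * Returns the child's raw wait status, or -1 on fork/wait error. */
static int run_failure_path(void (*die)(void)) {
    int status = 0;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        signal(SIGABRT, hijacked_handler);
        die();
        _exit(1); /* not reached */
    }
    return waitpid(pid, &status, 0) == pid ? status : -1;
}

int main(void) {
    int a = run_failure_path(die_interruptible); /* handler wins: exit 0 */
    int b = run_failure_path(die_fail_fast);     /* killed by SIGKILL */
    return (WIFEXITED(a) && WEXITSTATUS(a) == 0 &&
            WIFSIGNALED(b) && WTERMSIG(b) == SIGKILL) ? 0 : 1;
}
```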