[PATCH] D100911: scudo: Make prepareTaggedChunk() and resizeTaggedChunk() generic.

Vitaly Buka via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Apr 21 09:52:02 PDT 2021


vitalybuka added inline comments.


================
Comment at: compiler-rt/lib/scudo/standalone/combined.h:1146
+    uptr UntaggedNewPtr = untagPointer(RoundNewPtr);
+    if (UntaggedNewPtr != BlockEnd)
+      storeTag(UntaggedNewPtr);
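Review bot: the intent of tagging only the single granule at `UntaggedNewPtr` after the chunk shrinks, and of skipping it when `UntaggedNewPtr == BlockEnd`, is not documented in the hunk; since the question already comes up in review below, a one-line comment above `storeTag(UntaggedNewPtr)` stating why one granule is enough (and why the `BlockEnd` guard is needed there) would save the next reader the same question.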
----------------
pcc wrote:
> vitalybuka wrote:
> > Why don't we tag the entire unused tail? It may detect UseAfterFree.
> We detect UAF by retagging on free. So from that perspective there's no advantage to retagging the tail here.
Then why do we need to remove a tag on a single granule here?
To distinguish UAF and out of bounds?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D100911/new/

https://reviews.llvm.org/D100911
