[compiler-rt] [scudo] Mitigate commitbase exploit (PR #75295)

via llvm-commits llvm-commits at lists.llvm.org
Wed Jan 17 15:18:54 PST 2024


ChiaHungDuan wrote:

Thanks for submitting this pull request.

I'm concerned about the overhead of doing this. We always need to visit all the in-use blocks for every allocation/deallocation. In terms of memory overhead, from the implementation, it doesn't have a way to reduce the space used by pointer recording (BTW, we already store the blocks in use). That means the performance and memory footprint may get worse over time.

In addition, when the checksum is compromised, a fake chunk can be freed to the primary allocator as well. So it seems to me that this check can be bypassed easily. So far, if we do have concerns about this, quarantine is a good option to mitigate this issue (even though it's doing a different protection than this).

https://github.com/llvm/llvm-project/pull/75295
