Date: Wed, 16 Jul 2003 05:55:21 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Marcel Moolenaar <marcel@xcllnt.net> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: Fix for rman [was: Re: [-CURRENT tinderbox] ...] Message-ID: <20030716125521.GA27790@rot13.obsecurity.org> In-Reply-To: <20030716100506.GA18693@dhcp01.pn.xcllnt.net> References: <20030715185438.GB15674@dhcp01.pn.xcllnt.net> <xzpy8yzty2m.fsf@dwp.des.no> <20030715190456.GC15674@dhcp01.pn.xcllnt.net> <20030715193518.GA1660@crow.dom2ip.de> <20030716010908.GA24218@rot13.obsecurity.org> <20030716051103.GB17596@dhcp01.pn.xcllnt.net> <20030716051601.GA25527@rot13.obsecurity.org> <20030716074337.GA17997@dhcp01.pn.xcllnt.net> <20030716085227.GA26428@rot13.obsecurity.org> <20030716100506.GA18693@dhcp01.pn.xcllnt.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--ew6BAiZeqk4r7MaW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 16, 2003 at 03:05:06AM -0700, Marcel Moolenaar wrote: > > Hmm, I'm not sure this is the same bug I was seeing, because mine went > > away when I turned off malloc debugging. >=20 > Without malloc debugging the chance that the allocated memory has > zeroes is large(r). Going past the terminating '\0' if it's followed > by another one then hides the bug. With J, malloc() makes sure the > allocated memory is not zero and thus exposes the bug. Sounds plausible. Good catch! Kris --ew6BAiZeqk4r7MaW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/FUs4Wry0BWjoQKURAh2XAKDJDro31k9oPDPhgSanyOzrmIskvwCeLfls iPdtkBocrer9OMhPNvmyJiI= =HvzP -----END PGP SIGNATURE----- --ew6BAiZeqk4r7MaW--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030716125521.GA27790>