diff options
Diffstat (limited to 'libc/stdlib/malloc-standard/malloc.h')
| -rw-r--r-- | libc/stdlib/malloc-standard/malloc.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/libc/stdlib/malloc-standard/malloc.h b/libc/stdlib/malloc-standard/malloc.h index 44120d388..f196a560f 100644 --- a/libc/stdlib/malloc-standard/malloc.h +++ b/libc/stdlib/malloc-standard/malloc.h @@ -23,6 +23,7 @@ #include <stdlib.h> #include <sys/mman.h> #include <bits/uClibc_mutex.h> +#include <bits/uClibc_page.h> @@ -839,6 +840,21 @@ typedef struct malloc_chunk* mfastbinptr; #define get_max_fast(M) \ ((M)->max_fast & ~(FASTCHUNKS_BIT | ANYCHUNKS_BIT)) +/* + Safe-Linking: + Use randomness from ASLR (mmap_base) to protect single-linked lists + of fastbins. Together with allocation alignment checks, this mechanism + reduces the risk of pointer hijacking, as was done with Safe-Unlinking + in the double-linked lists of smallbins. +*/ +#define PROTECT_PTR(pos, ptr) ((mchunkptr)((((size_t)pos) >> PAGE_SHIFT) ^ ((size_t)ptr))) +#define REVEAL_PTR(pos, ptr) PROTECT_PTR(pos, ptr) +#define PTR_FOR_ALIGNMENT_CHECK(P) \ + (MALLOC_ALIGNMENT == 2*(sizeof(size_t)) ? (P) : chunk2mem(P)) + +#define CHECK_PTR(P) \ + if (!aligned_OK(PTR_FOR_ALIGNMENT_CHECK(P))) \ + abort(); /* morecore_properties is a status word holding dynamically discovered |