FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 06-18-2012, 08:11 PM
Jamie White
 
Default Malloc and security

Hiya

Just a quick question, which malloc, is there anyway that this function
(used in C) could allocate memory into already allocated memory, such as
the stack - or code space!


Jamie


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FDF8B8E.2020306@jatos.co.uk">http://lists.debian.org/4FDF8B8E.2020306@jatos.co.uk
 
Old 06-18-2012, 08:25 PM
Jamie White
 
Default Malloc and security

Hiya

Just a quick question, which malloc, is there anyway that this function
(used in C) could allocate memory into already allocated memory, such as
the stack - or code space!


Jamie


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FDF8ECF.4030404@jatos.co.uk">http://lists.debian.org/4FDF8ECF.4030404@jatos.co.uk
 
Old 06-18-2012, 08:31 PM
Lars Wirzenius
 
Default Malloc and security

On Mon, Jun 18, 2012 at 09:25:51PM +0100, Jamie White wrote:
> Just a quick question, which malloc, is there anyway that this
> function (used in C) could allocate memory into already allocated
> memory, such as the stack - or code space!

The debian-devel mailing list is meant for development _of_ Debian,
not _with_ Debian. In other words, we use this list for discussing
how to make Debian itself better. Your question seems to be better
suited for the other category. For that, I do not know of suitable
mailing lists, but the Usenet newsgroup comp.lang.c would do; also
the website http://stackoverflow.com/ may be helpful.

(The short answer is: It's not a problem in malloc, it's a problem
in your code, and you probably have a pointer problem or your code
uses memory that has already been freed.)

Happy hacking.

--
All my predictions will turn out to be false
 
Old 06-18-2012, 08:38 PM
Ben Hutchings
 
Default Malloc and security

On Mon, Jun 18, 2012 at 09:25:51PM +0100, Jamie White wrote:
> Hiya
>
> Just a quick question, which malloc, is there anyway that this
> function (used in C) could allocate memory into already allocated
> memory, such as the stack - or code space!

Assuming that the program uses memory correctly, no. But if the
program has a bug that causes it to write to unallocated memory, it
could corrupt the memory allocator's state so that malloc later
returns memory that has already been allocated.

This isn't really on-topic for debian-devel, as it's a general C
language/library question. Perhaps you should send further
questions to the comp.lang.c newsgroup, unless they're specific
to development of the Debian distribution.

Ben.

--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120618203815.GM2753@decadent.org.uk">http://lists.debian.org/20120618203815.GM2753@decadent.org.uk


Mon Jun 18 23:30:01 2012
Return-Path: <anaconda-devel-list-bounces@redhat.com>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
eagle542.startdedicated.com
X-Spam-Level:
X-Spam-Status: No, score=-5.0 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_HI,
T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: tom@linux-archive.org
Delivered-To: tom-linux-archive.org@eagle542.startdedicated.com
Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25])
by eagle542.startdedicated.com (Postfix) with ESMTP id D5EF220E0244
for <tom@linux-archive.org>; Mon, 18 Jun 2012 22:39:06 +0200 (CEST)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q5IKaLOS012509;
Mon, 18 Jun 2012 16:36:21 -0400
Received: from int-mx10.intmail.prod.int.phx2.redhat.com
(int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id q5IKaKVo022720
for <anaconda-devel-list@listman.util.phx.redhat.com>;
Mon, 18 Jun 2012 16:36:20 -0400
Received: from mx1.redhat.com (ext-mx13.extmail.prod.ext.phx2.redhat.com
[10.5.110.18])
by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP
id q5IKaFt4031955
for <anaconda-devel-list@redhat.com>; Mon, 18 Jun 2012 16:36:15 -0400
Received: from g6t0184.atlanta.hp.com (g6t0184.atlanta.hp.com [15.193.32.61])
by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q5IKaDFc016686
for <anaconda-devel-list@redhat.com>; Mon, 18 Jun 2012 16:36:13 -0400
Received: from G4W3011G.americas.hpqcorp.net (g4w3011g.houston.hp.com
[16.234.25.125]) (using TLSv1 with cipher AES128-SHA (128/128 bits))
(No client certificate requested)
by g6t0184.atlanta.hp.com (Postfix) with ESMTPS id 30F71C013
for <anaconda-devel-list@redhat.com>;
Mon, 18 Jun 2012 20:36:13 +0000 (UTC)
Received: from G4W3200G.americas.hpqcorp.net (16.234.105.236) by
G4W3011G.americas.hpqcorp.net (16.234.25.125) with Microsoft SMTP
Server (TLS) id 14.2.283.4; Mon, 18 Jun 2012 20:35:15 +0000
Received: from G4W3203.americas.hpqcorp.net ([169.254.13.77]) by
G4W3200G.americas.hpqcorp.net ([16.234.105.236]) with mapi id
14.02.0283.003; Mon, 18 Jun 2012 20:35:14 +0000
From: "Parthasarathy, Balaji (BCS, Cupertino, USA)"
<balaji.parthasarathy@hp.com>
To: "anaconda-devel-list@redhat.com" <anaconda-devel-list@redhat.com>
Subject: How to get a shell when kickstart install fails/hangs
Thread-Topic: How to get a shell when kickstart install fails/hangs
Thread-Index: Ac1Nkdc3CGhD96kZR7eW4/wRhL8KnA==
Date: Mon, 18 Jun 2012 20:34:46 +0000
Message-ID: <774A286A68497042B74D49490106082E35B72552@G4W3203. americas.hpqcorp.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [15.193.49.14]
MIME-Version: 1.0
X-RedHat-Spam-Score: -105.009 (HTML_MESSAGE, RCVD_IN_DNSWL_HI,
T_RP_MATCHES_RCVD, USER_IN_WHITELIST)
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
X-Scanned-By: MIMEDefang 2.68 on 10.5.110.18
X-loop: anaconda-devel-list@redhat.com
X-BeenThere: anaconda-devel-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
Reply-To: Discussion of Development and Customization of the Red Hat Linux
Installer <anaconda-devel-list@redhat.com>
List-Id: Discussion of Development and Customization of the Red Hat Linux
Installer <anaconda-devel-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/anaconda-devel-list>,
<mailto:anaconda-devel-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/anaconda-devel-list>
List-Post: <mailto:anaconda-devel-list@redhat.com>
List-Help: <mailto:anaconda-devel-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/anaconda-devel-list>,
<mailto:anaconda-devel-list-request@redhat.com?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============5735257252912195003=="
Sender: anaconda-devel-list-bounces@redhat.com
Errors-To: anaconda-devel-list-bounces@redhat.com

--===============5735257252912195003==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_774A286A68497042B74D49490106082E35B 72552G4W3203americas_"

--_000_774A286A68497042B74D49490106082E35B72552G4W32 03americas_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I have been experimenting with some kickstart files to automate installs (i=
t also includes Cobbler snippets). But I get failures about errors in kicks=
tart files when Anaconda launches. I want to get a shell to troubleshoot th=
e problem. How do I do that? Right now I have a screen that says:

The system will be rebooted when you press Ctrl+C or Ctrl+Alt+Del.

The message also says that the Anaconda version is 13.21.149. I'm trying to=
install RHEL 6.2 Server.

Thanks
Balaji


--_000_774A286A68497042B74D49490106082E35B72552G4W32 03americas_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns=3D"urn:schemas-micr=
osoft-comfficeffice" xmlns:w=3D"urn:schemas-microsoft-comffice:word" =
xmlns:x=3D"urn:schemas-microsoft-comffice:excel" xmlns:m=3D"http://schema=
s.microsoft.com/office/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html=
40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
colorurple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-typeersonal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">I have been experimenting with some kickstart files =
to automate installs (it also includes Cobbler snippets). But I get failure=
s about errors in kickstart files when Anaconda launches. I want to get a s=
hell to troubleshoot the problem.
How do I do that? Right now I have a screen that says:<o></o></p>
<p class=3D"MsoNormal"><o>&nbsp;</o></p>
<p class=3D"MsoNormal">The system will be rebooted when you press Ctrl+=
C or Ctrl+Alt+Del.<o></o></p>
<p class=3D"MsoNormal"><o>&nbsp;</o></p>
<p class=3D"MsoNormal">The message also says that the Anaconda version is 1=
3.21.149. I’m trying to install RHEL 6.2 Server.<o></o></p>
<p class=3D"MsoNormal"><o>&nbsp;</o></p>
<p class=3D"MsoNormal">Thanks<o></o></p>
<p class=3D"MsoNormal">Balaji<span style=3D"font-size:12.0pt;font-family:&q=
uot;Times New Roman&quot;,&quot;serif&quot;">
</span><o></o></p>
<p class=3D"MsoNormal"><o>&nbsp;</o></p>
</div>
</body>
</html>

--_000_774A286A68497042B74D49490106082E35B72552G4W32 03americas_--


--===============5735257252912195003==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
--===============5735257252912195003==--
 
Old 06-18-2012, 08:40 PM
Dmitrijs Ledkovs
 
Default Malloc and security

On 18/06/12 21:11, Jamie White wrote:
> Hiya
>
> Just a quick question, which malloc, is there anyway that this function
> (used in C) could allocate memory into already allocated memory, such as
> the stack - or code space!
>
> Jamie
>
>

Cross posting offtopic email to two mailing lists (ubuntu-devel and
debian-devel) is not nice.

If you want quicker response times IRC would have been more appropriate.

--
Regards,
Dmitrijs.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FDF9254.5080505@debian.org">http://lists.debian.org/4FDF9254.5080505@debian.org
 
Old 06-18-2012, 08:42 PM
Dmitrijs Ledkovs
 
Default Malloc and security

On 18/06/12 21:25, Jamie White wrote:
> Hiya
>
> Just a quick question, which malloc, is there anyway that this function
> (used in C) could allocate memory into already allocated memory, such as
> the stack - or code space!
>
> Jamie
>
>
sorry, not to two mailing lists. to the same one twice in a very short
space of time. Could have been a user / mail client error.

--
Regards,
Dmitrijs.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FDF92AE.3080203@debian.org">http://lists.debian.org/4FDF92AE.3080203@debian.org
 
Old 06-18-2012, 08:46 PM
 
Default Malloc and security

In fact I didn't send it to both, I resent twice, a mistake as I thought the first email hadn't sent properly.

Jamir
Sent from my BlackBerry® smartphone on O2

-----Original Message-----
From: Dmitrijs Ledkovs <xnox@debian.org>
Sender: Dmitrijs Ledkovs <dmitrij.ledkov@surgut.co.uk>
Date: Mon, 18 Jun 2012 21:40:52
To: <debian-devel@lists.debian.org>
Cc: <jamie@jatos.co.uk>
Subject: Re: Malloc and security

On 18/06/12 21:11, Jamie White wrote:
> Hiya
>
> Just a quick question, which malloc, is there anyway that this function
> (used in C) could allocate memory into already allocated memory, such as
> the stack - or code space!
>
> Jamie
>
>

Cross posting offtopic email to two mailing lists (ubuntu-devel and
debian-devel) is not nice.

If you want quicker response times IRC would have been more appropriate.

--
Regards,
Dmitrijs.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/4FDF9254.5080505@debian.org
 
Old 06-18-2012, 09:15 PM
Jamie White
 
Default Malloc and security

Aaah, any packages that need maintaining? Has there been swearing
before? I assume to private email addys.


Jamie

On 18/06/2012 22:12, Dmitrijs Ledkovs wrote:

I totally understand top posting from mobiles.

Well, debian has improved, there was no swearing this time around, I
don't think.

Thick skin is good, please maintain a few packages.

Regards,
Dmitrijs.

On 18/06/12 22:00, Jamie White wrote:

Oh thats flaming? Just seems like just friendly requests not todo stuff.
Certainly, had faaarrrr worse said to me! I'm thick skinned :P Btw,
please excuse top loading, BB doesn't allow base loading! Keeping same
flow now though.

Jamie

On 18/06/2012 21:52, Dmitrijs Ledkovs wrote:

anyway... You have been flamed to death by now =)))

Welcome to friendly debian development.

Smile, it gets worse (tm)

=))))))))) feel free to him me up if you need advice or a sponsor.

On 18/06/12 21:48, jamie@jatos.co.uk wrote:

Okies, I ignore the second email I sent, I'll just send this one to
you as not to clutter the list.

Yeah, like I say, an error in thinking first one hadn't gone,
apologies for that.

Jamie
------Original Message------
From: Dmitrijs Ledkovs
Sender: Dmitrijs Ledkovs
To: jamie@jatos.co.uk
Subject: Re: Malloc and security
Sent: 18 Jun 2012 21:45

sent an apology to the debian-devel.

There are two identical emails to debian-devel ~10mins apart or so.

On 18/06/12 21:44, jamie@jatos.co.uk wrote:

I am not quite sure how it ended on Ubuntu devel, I didn't send it
there...
Sent from my BlackBerry® smartphone on O2

-----Original Message-----
From: Dmitrijs Ledkovs<xnox@debian.org>
Sender: Dmitrijs Ledkovs<dmitrij.ledkov@surgut.co.uk>
Date: Mon, 18 Jun 2012 21:40:52
To:<debian-devel@lists.debian.org>
Cc:<jamie@jatos.co.uk>
Subject: Re: Malloc and security

On 18/06/12 21:11, Jamie White wrote:

Hiya

Just a quick question, which malloc, is there anyway that this
function
(used in C) could allocate memory into already allocated memory,
such as
the stack - or code space!

Jamie



Cross posting offtopic email to two mailing lists (ubuntu-devel and
debian-devel) is not nice.

If you want quicker response times IRC would have been more
appropriate.






--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4FDF9A88.7080509@jatos.co.uk">http://lists.debian.org/4FDF9A88.7080509@jatos.co.uk
 
Old 06-19-2012, 08:34 AM
Adam Borowski
 
Default Malloc and security

On Mon, Jun 18, 2012 at 09:38:15PM +0100, Ben Hutchings wrote:
> On Mon, Jun 18, 2012 at 09:25:51PM +0100, Jamie White wrote:
> > Hiya
> >
> > Just a quick question, which malloc, is there anyway that this
> > function (used in C) could allocate memory into already allocated
> > memory, such as the stack - or code space!
>
> Assuming that the program uses memory correctly, no. But if the
> program has a bug that causes it to write to unallocated memory, it
> could corrupt the memory allocator's state so that malloc later
> returns memory that has already been allocated.

valgrind is a wonderful tool for debugging this kind of errors.

--
I was born an ugly, dumb and work-loving child, then an evil midwife
replaced me in the crib.
 
Old 06-19-2012, 10:31 AM
Goswin von Brederlow
 
Default Malloc and security

Ben Hutchings <ben@decadent.org.uk> writes:

> On Mon, Jun 18, 2012 at 09:25:51PM +0100, Jamie White wrote:
>> Hiya
>>
>> Just a quick question, which malloc, is there anyway that this
>> function (used in C) could allocate memory into already allocated
>> memory, such as the stack - or code space!
>
> Assuming that the program uses memory correctly, no. But if the
> program has a bug that causes it to write to unallocated memory, it
> could corrupt the memory allocator's state so that malloc later
> returns memory that has already been allocated.

Actually I believe this is undefined in C. Malloc may verry well oveflow
the heap region and run into the stack or code going by the C standard.

But eglibc malloc uses sbrk() and mmap() to get memory from the kernel
and those functions will not return space already allocated by the stack
or code. That is probably true for every libc on every modern Unix system.

MfG
Goswin


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/87mx3zd24k.fsf@frosties.localnet
 

Thread Tools




All times are GMT. The time now is 12:00 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org