扰乱 glibc 中 _int_malloc( ) 中的字节
在查看 malloc() 的 glibc 代码和实际分配器之后 即 _int_malloc() 函数我无法弄清楚“perturn_byte”的意义。它在 _int_malloc() 的许多地方被用在 alloc_perturb macro() 中。
我知道这个问题只是为了具体回答,请原谅我。但万一有人已经知道答案,我会省去一些麻烦。
谢谢
after going through glibc code for malloc() and the actual allocator
i.e _int_malloc() function I am not able to figure out the significance of "perturn_byte". Its being used in alloc_perturb macro() at many places in _int_malloc().
i know this this question is just to specific to answer, please pardon me. But in case anybody already knows the anwser will save me some head banging.
thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这是添加 perturb_byte 的提交:
http://repo.or.cz/w/glibc.git/commitdiff/854278dff83a754f1d24a17c1c1068e8ebfe6195
这是关键注释(以及打开此功能的示例):
所以,它正在调试用于检测 free-d 或 malloce 但尚未初始化的内存的误用的功能。
malloc 从系统(通过
brk或mmap)获取的每个内存字节都将填充 perturb_byte (不是零)。我想,空闲的内存也会被填满。然后用户可以检查在分配的范围内是否还有一些未初始化的内容,或者是否有一些写入已释放的内存。
这是文档:http://www.gnu。 org/s/hello/manual/libc/Malloc-Tunable-Parameters.html
正如我所见,这只能用于从调试器进行手动检查。
Here is the commit, which adds perturb_byte:
http://repo.or.cz/w/glibc.git/commitdiff/854278dff83a754f1d24a17c1c1068e8ebfe6195
And here is the key comment (and example of turning this feature on):
So, it is debugging feature to detect misusage of free-d or malloce but not-yet-initialized memory.
Every memory byte which malloc gets from system (via
brkormmap) will be filled with perturb_byte (which is not a zero). I think, free-ed memory will be filled too.Then user can check, is there still some uninialized in the malloced range or is there some write to free-ed memory.
Here is the documentation: http://www.gnu.org/s/hello/manual/libc/Malloc-Tunable-Parameters.html
As I see, this can be used only to do manual checks from debugger.