Re: [PATCH] include/linux/slab.h: new KFREE() macro.

From: Amit Choudhary
Date: Mon Jul 23 2007 - 14:02:27 EST



>Amit Choudhary <amit2030@xxxxxxxxx> wrote:
>> --- Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
>>> On Sun, Jan 07, 2007 at 12:46:50AM -0800, Amit Choudhary wrote:

>> Any strong reason why not? x has some value that does not make sense and can
>> create only problems. And as I explained, it can result in longer code too.
>> So, why keep this value around. Why not re-initialize it to NULL.

>1) Because some magic value like 0x23 would be better.
>2) Because it hides bugs like double frees or dangeling references while
>creating a race condition. In the end, you'll get more hard-to-find bugs
>in exchange for papering over some easy-to-spot bugs.

Sorry for spamming the list again but some people may find this useful:

[Dangling pointers are security vulnerability]

http://it.slashdot.org/it/07/07/23/1624203.shtml

Excerpt:
***
Dangling pointers are quite common, but security experts and developers have said for years that
there is no practical way to exploit them, so they've been considered quality-assurance problems
and not security flaws.

But now that has changed.

"The problem before was, you had to override the exact location that the pointer was pointing to.
It was considered impossible. But we discovered a way to do this with generic dangling pointers
and run our own shell code."
***

-Amit




____________________________________________________________________________________
Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos & more.
http://mobile.yahoo.com/go?refer=1GNXIC
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/