summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_both.c
diff options
context:
space:
mode:
authorotto <>2023-03-25 15:22:06 +0000
committerotto <>2023-03-25 15:22:06 +0000
commitaeb609db314605a99dc3692bfd9fb97fe4c9da1c (patch)
treed2c5e22c1b7782c67519711149e923495a1a3acb /src/lib/libssl/ssl_both.c
parentd20be4a1ca1237b922afbdfb8651d7cbbe10f8cd (diff)
downloadopenbsd-aeb609db314605a99dc3692bfd9fb97fe4c9da1c.tar.gz
openbsd-aeb609db314605a99dc3692bfd9fb97fe4c9da1c.tar.bz2
openbsd-aeb609db314605a99dc3692bfd9fb97fe4c9da1c.zip
Change malloc chunk sizes to be fine grained.
The basic idea is simple: one of the reasons the recent sshd bug is potentially exploitable is that a (erroneously) freed malloc chunk gets re-used in a different role. malloc has power of two chunk sizes and so one page of chunks holds many different types of allocations. Userland malloc has no knowledge of types, we only know about sizes. So I changed that to use finer-grained chunk sizes. This has some performance impact as we need to allocate chunk pages in more cases. Gain it back by allocation chunk_info pages in a bundle, and use less buckets is !malloc option S. The chunk sizes used are 16, 32, 48, 64, 80, 96, 112, 128, 160, 192, 224, 256, 320, 384, 448, 512, 640, 768, 896, 1024, 1280, 1536, 1792, 2048 (and a few more for sparc64 with its 8k sized pages and loongson with its 16k pages). If malloc option S (or rather cache size 0) is used we use strict multiple of 16 sized chunks, to get as many buckets as possible. ssh(d) enabled malloc option S, in general security sensitive programs should. See the find_bucket() and bin_of() functions. Thanks to Tony Finch for pointing me to code to compute nice bucket sizes. ok tb@
Diffstat (limited to 'src/lib/libssl/ssl_both.c')
0 files changed, 0 insertions, 0 deletions