https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82179

Eric Gallager <egallager at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dmalcolm at gcc dot gnu.org

--- Comment #5 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to Federico Bento from comment #1)
> Hello,
> 
> This is a request for an exploit mitigation to be added to the compiler,
> possibly when making use of FORTIFY_SOURCE.
> 
> Something like the below, but at the compiler level:
> 
> #define SAFE_FREE(x) do { if((x) != 0x0) { free(x); (x) = (void *)0x1; } } while(0)
> 
> After free(x), we set x to an address that will crash when dereferenced
> (use-after-free), and will also crash when it's an argument to free().
> Note that NULL isn't used, because free(NULL) does nothing, which might
> hide potential double-free bugs.
> 
> This will detect use-after-free and double-free bugs by having the program
> crash instead of allowing various heap grooms and further exploitation.
> 
> After discussion with Martin Sebor and Florian Weimer in the libc-alpha
> list, it was pointed out to me to post the request here for further interest.
> 
> https://sourceware.org/ml/libc-alpha/2017-09/msg00238.html
> https://sourceware.org/ml/libc-alpha/2017-09/msg00423.html
> 

In this, Martin said, "David Malcolm has done some preliminary work
on a GCC malloc/free optimization and diagnostic pass that might be
well suited to this sort of instrumentation," so cc-ing him.
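The following is an added example, not code from the bug report or from GCC, showing the pointer-poisoning idea from comment #1 next to the "set to NULL after free" idiom it argues against. The `SAFE_FREE` macro is the one from the report; the `POISON_PTR` name, the `checked_free` wrapper and the `free_result` codes are assumptions made here so that the double-free case can be observed as a return value rather than as a crash in the allocator, which is what the report's plain `free(0x1)` would produce.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Sentinel from the report: non-NULL, so a second free() is not a silent
   no-op, and never a valid heap address, so a dereference faults at once.
   The macro name POISON_PTR is an assumption of this example. */
#define POISON_PTR ((void *)0x1)

/* The macro from comment #1, reformatted onto one line. */
#define SAFE_FREE(x) do { if ((x) != 0x0) { free(x); (x) = POISON_PTR; } } while (0)

/* Result codes for the instrumented free below (assumed, not libc's). */
enum free_result {
    FREE_ALLOC_FAILED = -1,
    FREE_OK = 0,
    FREE_NULL_NOOP = 1,     /* free(NULL): libc does nothing */
    FREE_DOUBLE_FREE = 2    /* argument was already poisoned */
};

/* What a checking layer at each free() site would do (assumed here, not what
   libc does): report a poisoned argument instead of passing it to the
   allocator, treat NULL as the no-op libc defines, otherwise free and poison. */
static enum free_result checked_free(void **pp) {
    if (*pp == NULL) return FREE_NULL_NOOP;
    if (*pp == POISON_PTR) return FREE_DOUBLE_FREE;
    free(*pp);
    *pp = POISON_PTR;
    return FREE_OK;
}

/* Scenario A: after SAFE_FREE the variable holds the poison value, so a
   later dereference (use-after-free) cannot reach the old heap chunk.
   Returns 1 when the variable is poisoned, -1 on allocation failure. */
int scenario_safe_free_poisons(void) {
    char *buf = malloc(32);
    if (buf == NULL) return -1;
    memcpy(buf, "example", 8);  /* constructed content, freed below */
    SAFE_FREE(buf);
    return buf == POISON_PTR;
}

/* Scenario B: freeing the same variable twice through the poisoning
   wrapper. The second call sees the sentinel and reports it. */
enum free_result scenario_double_free_detected(void) {
    void *p = malloc(16);
    if (p == NULL) return FREE_ALLOC_FAILED;
    checked_free(&p);              /* first free: poisons p */
    return checked_free(&p);       /* second free: FREE_DOUBLE_FREE */
}

/* Scenario C: the NULL idiom the report rejects. free(NULL) is defined to do
   nothing, so the second free() passes without any sign of the bug. */
enum free_result scenario_null_hides_double_free(void) {
    void *p = malloc(16);
    if (p == NULL) return FREE_ALLOC_FAILED;
    free(p);
    p = NULL;
    free(p);                       /* silently ignored by libc */
    return checked_free(&p);       /* FREE_NULL_NOOP: nothing to report */
}

int main(void) {
    printf("SAFE_FREE poisons variable: %d\n", scenario_safe_free_poisons());
    printf("double free via poison wrapper: %d\n", (int)scenario_double_free_detected());
    printf("double free via NULL idiom: %d\n", (int)scenario_null_hides_double_free());
    return 0;
}
```

The point of scenario C is the one the report makes: a NULL sentinel is indistinguishable from "nothing to free", so a second free() on it is invisible, whereas a non-NULL, unmapped sentinel turns both the second free() and any later dereference into an immediate fault instead of a silently reused heap chunk.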
