On Aug 25, 8:15 am, Bill Hart <goodwillh...@googlemail.com> wrote: > I think by "this capability" I mean the capability GMP/MPIR has of > allowing user code to supply a memory manager. > > I mean, if that is global, doesn't it imply that user code can spy on > the memory of other user code, say when it comes up for realloc? > > And it is also potentially possible for one process to crash another > by controlling its memory allocation.
I think a shared library will have a separate instantiation of its writeable sections for each process that it uses. The problem arises when you're trying to build some frankenstein program that uses two libraries, both using libgmp.so and both wanting to use their own memory management. The conflicts all arise within the same process, so they are already sharing memory. If you have to worry about people injecting untrusted shared libraries into your application, I think mp_set_memory_functions will not be your only vulnerability. --~--~---------~--~----~------------~-------~--~----~ To post to this group, send an email to sage-devel@googlegroups.com To unsubscribe from this group, send an email to sage-devel-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
