On Sat, 12 Apr 2014, waldo kitty wrote:
On 4/12/2014 8:24 AM, Michael Van Canneyt wrote:
Attached is an implementation that allows you to specify:
What to do when allocating memory (zero out, randomize, nothing)
What to do when freeing memory (zero out, randomize, nothing).
very nice!
On 04/12/2014 02:24 PM, Michael Van Canneyt wrote:
Attached is an implementation that allows you to specify:
A few comments:
- allocmem already zeros the memory. No need to do it a second time
- Getmem and Allocmem can return nil (dependent on mem manager,
sometimes on
On Sun, 13 Apr 2014, Ludo Brands wrote:
On 04/12/2014 02:24 PM, Michael Van Canneyt wrote:
Attached is an implementation that allows you to specify:
A few comments:
- allocmem already zeros the memory. No need to do it a second time
Indeed, copypaste from getmem. Removed the zeroing.
On 04/13/2014 09:02 AM, Michael Van Canneyt wrote:
You are right. A logic error. ReallocMem is the more tricky one.
Revised.
In case of a block move, the memory (OP) is already freed when you
clear/scramble it. I'm afraid you can't simply re-use the underlying
ReAllocMem (think cmem for
Michael Van Canneyt wrote:
If there is an interest in such thing, we can add it to the RTL.
as miniscule as it is compared with others', here's my vote in the
positive ;)
Duly noted :)
Can I add my positive vote vote to that please, for the specific case
where a string etc. is expanded.
On 04/13/2014 09:02 AM, Michael Van Canneyt wrote:
You are right. A logic error. ReallocMem is the more tricky one.
Revised.
In case of a block move, the memory (OP) is already freed when you
clear/scramble it. I'm afraid you can't simply re-use the underlying
ReAllocMem (think cmem for
Am 11.04.2014 20:50 schrieb waldo kitty wkitt...@windstream.net:
On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
The main point is that in FPC you can install a memory manager that
wipes out
any memory when getting or releasing it, if you want to make your
software more
secure that way.
On Sat, 12 Apr 2014, Sven Barth wrote:
Am 11.04.2014 20:50 schrieb waldo kitty wkitt...@windstream.net:
On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
The main point is that in FPC you can install a memory manager that wipes out
any memory when getting or releasing it, if you want to
On 4/12/2014 8:24 AM, Michael Van Canneyt wrote:
Attached is an implementation that allows you to specify:
What to do when allocating memory (zero out, randomize, nothing)
What to do when freeing memory (zero out, randomize, nothing).
very nice! thank you sir! i'm still learning FPC and all
Is my understanding correct that when a string or a dynamic array is
extended it might result in its existing content being released to the heap?
If so, is it possible to ensure that this is zeroed or randomised first,
without having to do it manually?
--
Mark Morgan Lloyd
markMLl .AT.
On Fri, 11 Apr 2014, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is extended
it might result in its existing content being released to the heap?
If so, is it possible to ensure that this is zeroed or randomised first,
without having to do it
On 11 Apr 2014, at 09:36, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is extended
it might result in its existing content being released to the heap?
If so, is it possible to ensure that this is zeroed or randomised first,
without having to
Jonas Maebe wrote:
On 11 Apr 2014, at 09:36, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is extended
it might result in its existing content being released to the heap?
If so, is it possible to ensure that this is zeroed or randomised first,
Michael Van Canneyt wrote:
On Fri, 11 Apr 2014, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is
extended it might result in its existing content being released to the
heap?
If so, is it possible to ensure that this is zeroed or randomised
On 11 Apr 2014, at 10:10, Mark Morgan Lloyd wrote:
Jonas Maebe wrote:
On 11 Apr 2014, at 09:36, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is
extended it might result in its existing content being released to the heap?
If so, is it possible
On Fri, 11 Apr 2014, Mark Morgan Lloyd wrote:
Michael Van Canneyt wrote:
On Fri, 11 Apr 2014, Mark Morgan Lloyd wrote:
Is my understanding correct that when a string or a dynamic array is
extended it might result in its existing content being released to the
heap?
If so, is it possible
On 11 Apr 2014, at 10:26, Michael Van Canneyt wrote:
OTOH, I think people are hugely exaggerating the problem, considering it was
introduced relatively recently and that I got my security update before it
hit the newspapers.
The exploit code was also on github before news about the bug hit
On Fri, 11 Apr 2014, Jonas Maebe wrote:
On 11 Apr 2014, at 10:26, Michael Van Canneyt wrote:
OTOH, I think people are hugely exaggerating the problem, considering it was
introduced relatively recently and that I got my security update before it hit
the newspapers.
That is of course
On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
The main point is that in FPC you can install a memory manager that wipes out
any memory when getting or releasing it, if you want to make your software more
secure that way.
how would one go about doing this? i learned in my TP3/6 days to use
On 4/11/2014 4:10 AM, Mark Morgan Lloyd wrote:
Using a memory manager would reliably wipe strings etc. when reallocated (i.e
rather than when an assignment didn't trigger reallocation). On the other hand
it would have the overhead of also overwriting blocks that the user knew were
being freed
waldo kitty wrote:
On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
The main point is that in FPC you can install a memory manager that
wipes out
any memory when getting or releasing it, if you want to make your
software more
secure that way.
how would one go about doing this? i learned in
21 matches
Mail list logo
