This is a kind of two steps forward, one step back diff.
I would like for the canary to be placed directly adjacent to the end of the
user specified size. No slack. To accomplish this, we record the original size
of the allocation at the end, then we can walk backwards to find the canary.
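A minimal sketch of the layout described in this message, added here as an example and not the code from the diff: the canary sits immediately after the requested bytes, the requested size is recorded at the end of the slot, and the check reads that size back to locate the canary. The fixed `CHUNK_SIZE`, the two-byte trailer, the constant `secret` and the mixing function are assumptions made for illustration; the canary value takes the `random ^ hash(address)` form mentioned later in the thread.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define CHUNK_SIZE 64                 /* assumed fixed size-class slot */
#define CANARY_LEN sizeof(uint64_t)
#define TRAILER    sizeof(uint16_t)   /* requested size, stored at the slot end */
#define MAX_REQ    (CHUNK_SIZE - CANARY_LEN - TRAILER)

static const uint64_t secret = 0x9e3779b97f4a7c15ULL; /* constructed; a real allocator draws this from a CSPRNG */

/* Per-slot canary: secret XOR a mix of the slot address (hypothetical hash). */
static uint64_t canary_for(const void *p)
{
    uint64_t x = (uint64_t)(uintptr_t)p;
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL; x ^= x >> 33;
    return secret ^ x;
}

/* Canary goes at p[sz], with no slack; sz itself goes in the last bytes of the slot. */
void *canary_alloc(size_t sz)
{
    if (sz > MAX_REQ) return NULL;
    unsigned char *p = malloc(CHUNK_SIZE);
    if (p == NULL) return NULL;
    uint64_t c = canary_for(p);
    uint16_t req = (uint16_t)sz;
    memcpy(p + sz, &c, CANARY_LEN);                  /* unaligned-safe store */
    memcpy(p + CHUNK_SIZE - TRAILER, &req, TRAILER);
    return p;
}

/* Returns 1 if the canary is intact, 0 if it (or the size trailer) was overwritten. */
int canary_check(const void *ptr)
{
    const unsigned char *p = ptr;
    uint16_t req;
    uint64_t c;
    memcpy(&req, p + CHUNK_SIZE - TRAILER, TRAILER); /* start from the end of the slot */
    if (req > MAX_REQ) return 0;                     /* trailer is not a size we could have stored */
    memcpy(&c, p + req, CANARY_LEN);                 /* walk back to the canary */
    return c == canary_for(p);
}
```

With the canary at `p[sz]`, a one-byte overflow of a 13-byte request is caught, where a canary placed at the end of the slot would leave the slack in between unchecked.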
On Wed, 2015-12-09 at 07:47 -0500, Ted Unangst wrote:
> This is a kind of two steps forward, one step back diff.
>
> I would like for the canary to be placed directly adjacent to the end of the
> user specified size. No slack. To accomplish this, we record the original size
> of the
Daniel Micay wrote:
> Not quite as good as a random value per canary, but a random value per
> page would already be pretty fine-grained and each canary can still be
> made unique via something like the current `random ^ hash(address)`.
One thing to remember is that a number of architectures are