On Wed, Jul 03, 2013 at 17:21, Theo de Raadt wrote:
>> +       int pval = 0xd0d0caca;
> 
> Can you explain the choice of this?

I thought it sounded clever.

> There are arguments to make this MI; other arguments to make it MD;
> and other arguments to introduce a bit of randomness.
> 
> I'd like to know which arguments you have

Since libc doesn't do free list integrity checking, I'm currently
leaning towards a random value. (even with random, we could still
check that all words of a free chunk are the same.)

Somebody also noticed that we don't have separate values for allocated
and freed memory. I suppose this makes debugging harder since you
can't obviously identify freed memory? I lean towards prioritizing
finding more bugs, which implies we need more variability, since any
one value may allow a program to work where a different value would
not.

Reply via email to