|
|
|
|
|
|
by garrettr_
3401 days ago
|
|
|
Zeroing on malloc and/or free would not have prevented this type of error, since the information disclosure was due to an overflow into an adjacent allocated buffer. However, zeroing on free is generally a useful defense-in-depth measure because can minimize the risk of some types of information disclosure vulnerabilities. If you use grsecurity, this feature is provided by grsecurity's PAX_MEMORY_SANITIZE [0]. [0]: https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity... |
|
|