Subject: Re: malloc() returns pointer to already allocated memory
From: "J.W. Jagersma (jwjagersma AT gmail DOT com) [via djgpp AT delorie DOT com]"
To: djgpp AT delorie DOT com
Date: Mon, 17 Jun 2019 18:31:50 +0200

On 2019-06-17 07:48, Rod Pemberton wrote:
> One thing he could do is reduce the likelihood, i.e., probability, that
> he'll get a false positive, i.e., random value. He could check for
> multiple magic values in a row. The more values he checks for, the
> lower the probability will be that it's random. I'd probably
> check for an entire block.

Then the test also depends on how well aligned the pointers returned by
malloc are. E.g., you write a 16-byte value to 0x1000; if malloc next
returns a pointer to 0x1008 it still overlaps, but this would be more
difficult to detect.
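
The alignment problem described in this message, as an added example that is not part of the original thread or of DJGPP: a check that compares the start of a new block against a 16-byte magic misses a block shifted by 8 bytes, while a scan that accepts the magic at any rotation finds it. The magic bytes, the function names, the 8-byte run threshold and the static arena standing in for the heap are all assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAGIC_LEN 16
/* Constructed 16-byte magic (assumption); none of its bytes is 0x00. */
static const uint8_t MAGIC[MAGIC_LEN] = {
    0xDE, 0xAD, 0xBE, 0xEF, 0xCA, 0xFE, 0xBA, 0xBE,
    0x0B, 0xAD, 0xF0, 0x0D, 0xFE, 0xED, 0xFA, 0xCE };

/* Stamp a live block with the magic, repeated over its whole length. */
void stamp(uint8_t *p, size_t len) {
    for (size_t i = 0; i < len; i++) p[i] = MAGIC[i % MAGIC_LEN];
}

/* Naive check: does the newly returned block begin with the magic? */
int naive_overlap(const uint8_t *p, size_t len) {
    return len >= MAGIC_LEN && memcmp(p, MAGIC, MAGIC_LEN) == 0;
}

/* Alignment-tolerant check: report an overlap if min_run consecutive bytes
 * match the magic at any of its 16 rotations. A longer min_run lowers the
 * chance of a random match but hides overlaps shorter than min_run. */
int rotated_overlap(const uint8_t *p, size_t len, size_t min_run) {
    for (size_t phase = 0; phase < MAGIC_LEN; phase++) {
        size_t run = 0;
        for (size_t i = 0; i < len; i++) {
            run = (p[i] == MAGIC[(i + phase) % MAGIC_LEN]) ? run + 1 : 0;
            if (run >= min_run) return 1;
        }
    }
    return 0;
}

/* Constructed scenario: a stamped 16-byte block sits at arena offset 16
 * (the message's 0x1000); a "new" 16-byte block starts at new_off (<= 48). */
int scenario(size_t new_off, int tolerant) {
    uint8_t arena[64] = {0};
    stamp(arena + 16, 16);
    const uint8_t *fresh = arena + new_off;
    return tolerant ? rotated_overlap(fresh, 16, 8) : naive_overlap(fresh, 16);
}

int main(void) {
    const size_t offs[] = { 16, 24, 8, 40 };   /* same, +8, -8, disjoint */
    for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++)
        printf("offset %2zu: naive=%d rotated=%d\n", offs[i],
               scenario(offs[i], 0), scenario(offs[i], 1));
    return 0;
}
```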