Module Name: src
Committed By: maxv
Date: Tue Jun 24 07:28:23 UTC 2014
Modified Files:
src/sys/kern: subr_kmem.c
Log Message:
KMEM_REDZONE+KMEM_POISON is supposed to detect buffer overflows. But it only
poisons memory after kmem_roundup_size(), which means that if an overflow
occurs in the page padding, it won't be detected.
Fix this by making KMEM_REDZONE independent from KMEM_POISON and making it
put a 2-byte pattern at the end of each requested buffer, and check it when
freeing memory to ensure the caller hasn't written outside the requested area.
Not enabled on DIAGNOSTIC for the moment.
To generate a diff of this commit:
cvs rdiff -u -r1.53 -r1.54 src/sys/kern/subr_kmem.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
