malloc already hands you more than you ask for in a lot of cases, check out mall... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Asooka on May 18, 2017 \| parent \| context \| favorite \| on: Further hardening glibc malloc() against single by... malloc already hands you more than you ask for in a lot of cases, check out malloc_usable_size.

scarybeast on May 18, 2017 [–]

This is true. But in the case where the malloc heap metadata is under attack, the attacker will usually just allocate exactly the right size to ensure that the off-by-one goes off the end of the chunk, instead of into slack space.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact