Fix ISC_MEM_ZERO on allocators with malloc_usable_size()
ISC_MEM_ZERO requires great care to use when the space returned by the allocator is larger than the requested space, and when memory is reallocated. You must ensure that every call to allocate or reallocate a particular block of memory uses ISC_MEM_ZERO, to ensure that the extra space is zeroed as expected. (When ISC_MEMFLAG_FILL is set, the extra space will definitely be non-zero.)
When BIND is built without jemalloc, ISC_MEM_ZERO is implemented in jemalloc_shim.h. This had a bug on systems that have malloc_size() or malloc_usable_size(): memory was only zeroed up to the requested size, not the allocated size. When an oversized allocation was returned, and subsequently reallocated larger, memory between the original requested size and the original allocated size could contain unexpected nonzero junk. The realloc call does not know the original requested size and only zeroes from the original allocated size onwards.
After this change, jemalloc_shim.h always zeroes up to the allocated size, not the requested size.
Closes #3845 (closed)
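The sequence the commit message describes (allocate with the zero flag, get an oversized block, grow it with realloc) is easy to reproduce in miniature. The following is an added example, not code from BIND or from jemalloc_shim.h: it models a size-rounding allocator whose `demo_usable_size()` plays the role of malloc_usable_size(), fills every block with junk the way ISC_MEMFLAG_FILL would, and implements the zeroing shim both the old way (zero only the requested size) and the corrected way (zero the whole usable block). The `DEMO_*` names, the header-carrying toy allocator and `count_junk()` are constructed for this demonstration and correspond to nothing in the ISC code.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DEMO_MEM_ZERO  0x1u   /* hypothetical stand-in for ISC_MEM_ZERO */
#define DEMO_FILL_BYTE 0xbe   /* junk byte, like ISC_MEMFLAG_FILL would write */
#define DEMO_GRANULE   16     /* the toy allocator rounds requests up to this */

/* Toy allocator: each block carries its usable size in a header, so that
 * demo_usable_size(ptr) behaves like malloc_usable_size(ptr): it reports
 * the rounded-up size actually handed out, never the size requested. */
typedef struct { size_t usable; size_t pad; } demo_hdr;

static size_t demo_round(size_t n) {
    return (n + DEMO_GRANULE - 1) / DEMO_GRANULE * DEMO_GRANULE;
}

static size_t demo_usable_size(void *p) { return ((demo_hdr *)p - 1)->usable; }
static void   demo_free(void *p)        { free((demo_hdr *)p - 1); }

static void *demo_raw_malloc(size_t n) {
    size_t usable = demo_round(n);
    demo_hdr *h = malloc(sizeof(demo_hdr) + usable);
    if (h == NULL) return NULL;
    h->usable = usable;
    memset(h + 1, DEMO_FILL_BYTE, usable);     /* whole block starts as junk */
    return h + 1;
}

static void *demo_raw_realloc(void *old, size_t n) {
    size_t old_usable = demo_usable_size(old);
    size_t usable = demo_round(n);
    demo_hdr *h = realloc((demo_hdr *)old - 1, sizeof(demo_hdr) + usable);
    if (h == NULL) return NULL;
    h->usable = usable;
    if (usable > old_usable)                    /* newly gained tail is junk too */
        memset((unsigned char *)(h + 1) + old_usable, DEMO_FILL_BYTE,
               usable - old_usable);
    return h + 1;
}

/* The zeroing shim. 'fixed' selects the corrected behaviour (zero up to the
 * usable size) versus the old one (zero only up to the requested size). */
static void *shim_alloc(size_t size, unsigned flags, int fixed) {
    void *p = demo_raw_malloc(size);
    if (p != NULL && (flags & DEMO_MEM_ZERO))
        memset(p, 0, fixed ? demo_usable_size(p) : size);
    return p;
}

/* Realloc never learns the original requested size; the only thing it can
 * query is the old usable size, so it can only zero from there onward. */
static void *shim_realloc(void *old, size_t new_size, unsigned flags) {
    size_t old_usable = demo_usable_size(old);
    void *p = demo_raw_realloc(old, new_size);
    if (p != NULL && (flags & DEMO_MEM_ZERO)) {
        size_t new_usable = demo_usable_size(p);
        if (new_usable > old_usable)
            memset((unsigned char *)p + old_usable, 0, new_usable - old_usable);
    }
    return p;
}

/* Allocate 'first' bytes zeroed, grow to 'second' bytes zeroed, and count the
 * nonzero bytes left in the final usable block. A correct shim returns 0. */
static size_t count_junk(size_t first, size_t second, int fixed) {
    unsigned char *p = shim_alloc(first, DEMO_MEM_ZERO, fixed);
    if (p == NULL) return (size_t)-1;
    unsigned char *q = shim_realloc(p, second, DEMO_MEM_ZERO);
    if (q == NULL) { demo_free(p); return (size_t)-1; }
    size_t usable = demo_usable_size(q), junk = 0;
    for (size_t i = 0; i < usable; i++)
        junk += (q[i] != 0);
    demo_free(q);
    return junk;
}

int main(void) {
    /* 20 bytes rounds up to 32: the old shim leaves bytes 20..31 as junk,
     * and growing to 40 (usable 48) only zeroes bytes 32..47. */
    printf("old shim:   %zu junk bytes\n", count_junk(20, 40, 0));
    printf("fixed shim: %zu junk bytes\n", count_junk(20, 40, 1));
    return 0;
}
```

The 12 junk bytes the old shim leaves are exactly the gap between the requested 20 and the allocated 32, which is the region the commit message says the realloc path cannot know about. Swapping `demo_usable_size()` for the real malloc_usable_size() reproduces the same effect on a glibc build, with the gap size depending on that allocator's size classes.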