Bug 13211 - UN-initialised memory could contain the secret talloc magic
Summary: UN-initialised memory could contain the secret talloc magic
Status: RESOLVED FIXED
Alias: None
Product: TALLOC
Classification: Unclassified
Component: libtalloc (show other bugs)
Version: 2.1.10
Hardware: All All
: P5 normal
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-11 22:24 UTC by Andrew Bartlett
Modified: 2018-05-21 21:01 UTC (History)
1 user (show)

See Also:


Attachments
patch for master (7.12 KB, patch)
2018-01-11 22:25 UTC, Andrew Bartlett
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2018-01-11 22:24:06 UTC
Memory re-allocated could disclose the secret talloc magic.  

Instead use the fixed talloc magic for the 'was talloc, is now free' indication.
Comment 1 Andrew Bartlett 2018-01-11 22:25:02 UTC
Created attachment 13902 [details]
patch for master
Comment 2 Andrew Bartlett 2018-05-21 21:01:34 UTC
We released this in talloc 2.1.11 with master commit efe317c59204af076bb500ad904d2a5f6a961509 for Samba 4.8.

Patch is in 062309755888349afaa05dff7ac48ea8867110e0.