Hi,
Sorry for the formatting problem, I'm having trouble sending each open source project the patch in their own format, and I probably mixed up something. The patch is now attached to this email.
In addition, I also attached the White Paper that describes this new security mitigation.
Just as a side note: the patch is signed by eyalit@checkpoint.com but I'm sending this from eyal.itkin@gmail.com due to mail issues with my work e-mail (which is connected to my GitHub account).
Thanks again for your cooperation, Eyal.
On Fri, Feb 14, 2020 at 11:40 AM Waldemar Brodkorb wbx@uclibc-ng.org wrote:
Hi, Eyal Itkin wrote,
Safe-Linking is a security mechanism that protects single-linked lists (such as the fastbins) from being tampered by attackers. The mechanism makes use of randomness from ASLR (mmap_base), and when combined with chunk alignment integrity checks, it protects the pointers from being hijacked by an attacker.
The patch does not apply with git am ontop of uClibc-ng master. What mail client do you use and could you try to use git format-patch -s origin and send an e-Mail with the patch as attachment so it does not get corrupted somehow.
best regards Waldemar