Re: Address range returned by malloc
- Subject: Re: Address range returned by malloc
- From: Greg <email@hidden>
- Date: Sat, 4 Oct 2008 15:56:33 -0400
On Oct 4, 2008, at 3:29 PM, Terry Lambert wrote:
> Kernel virtual address space for a 32 bit kernel is limited to 32
> bits.
> Pointers are NOT signed values, so do not store the returned pointer
> into a signed integer, or you may truncate it to 31 bits and
> overwrite/access something in lower memory than your allocation
> actually occurred when you go to use it. This would be Bad(tm).
Thanks Terry, and I searched online and found that it appears that
Apple will continue to use a 32-bit kernel (I hope).
I'm aware that void* is unsigned, but I wasn't sure if converting that
to a signed type and then back again would lose information. For
example this program (with gcc -O0) displays "equal":
#include <stdio.h>
int main(void) {
    unsigned int a = 4294967295U;        // 2^32-1, all 32 bits set
    int b = (int)a;                      // out of range for int: implementation-defined, -1 on gcc/clang
    unsigned int c = (unsigned int)b;    // -1 converts back to 2^32-1
    printf("%s\n", a == c ? "equal" : "not equal");
    return 0;
}
So what's going on? It doesn't appear to lose any information here.
> If this value is intended to be communicated to user space, consider
> using a sized type capable of storing either a 32 or 64 bit pointer,
> such as user_addr_t or uint64_t. This is normally discouraged,
> since the likely reason for wanting to do it is because you intend
> to pass the pointer back into the kernel later, and that would be a
> gaping security hole.
No worries, this is not occurring. :-)
- Greg
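Added example (not code from either poster) showing where Greg's round trip holds and where the signed detour actually corrupts an address: the bit pattern survives int and back because both are 32 bits wide, but widening through int to a 64-bit user_addr_t/uint64_t-sized field sign-extends any address with the top bit set. The helper names and the sample address 0x80000000 are constructed; two's complement and gcc/clang behaviour for the out-of-range conversion are assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: round-trip a 32-bit address through a signed
 * int and back. Both types are 32 bits wide, so on a two's complement
 * compiler the bit pattern survives (the conversion of an out-of-range
 * value to int is implementation-defined in C, modulo 2^32 on gcc/clang). */
uint32_t roundtrip_via_int(uint32_t addr)
{
    int as_signed = (int)addr;      /* 0xFFFFFFFF becomes -1 */
    return (uint32_t)as_signed;     /* -1 becomes 0xFFFFFFFF again */
}

/* Widen the address to a 64-bit value (the width of user_addr_t or
 * uint64_t) by way of a signed int. An address with the top bit set is
 * negative as an int and gets sign-extended, so the result no longer
 * names the original 32-bit location. */
uint64_t widen_via_int(uint32_t addr)
{
    int as_signed = (int)addr;
    return (uint64_t)as_signed;     /* 0x80000000 -> 0xFFFFFFFF80000000 */
}

/* Widen from the unsigned type instead: zero-extended, value preserved. */
uint64_t widen_via_uint(uint32_t addr)
{
    return (uint64_t)addr;          /* 0x80000000 -> 0x0000000080000000 */
}

/* Check for a 64-bit field meant to carry a 32-bit address: a non-zero
 * upper half means it was sign-extended or is otherwise not a 32-bit address. */
int fits_32bit_address(uint64_t a)
{
    return (a >> 32) == 0;
}

int main(void)
{
    uint32_t addr = 0x80000000u;    /* constructed sample address, top bit set */
    printf("round trip: %s\n",
           roundtrip_via_int(addr) == addr ? "equal" : "not equal");
    printf("via int:  0x%016llx  fits: %d\n",
           (unsigned long long)widen_via_int(addr), fits_32bit_address(widen_via_int(addr)));
    printf("via uint: 0x%016llx  fits: %d\n",
           (unsigned long long)widen_via_uint(addr), fits_32bit_address(widen_via_uint(addr)));
    return 0;
}
```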
Darwin-kernel mailing list (email@hidden)