From 17d364c8a0d7c685e21def7bd56465a930f64559 Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi
Date: Mon, 16 Dec 2019 10:42:34 +0100
Subject: fix alloc_canary should not be on TLS. thread #0 malloc=a -> thread #1 free(a) results in a wringly detected canary mistmatch
---
 libdislocator/libdislocator.so.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libdislocator/libdislocator.so.c b/libdislocator/libdislocator.so.c
index 10ea0a61..33985ce9 100644
--- a/libdislocator/libdislocator.so.c
+++ b/libdislocator/libdislocator.so.c
@@ -130,7 +130,7 @@ static u8 alloc_verbose, /* Additional debug messages */
 static __thread size_t total_mem; /* Currently allocated mem */
 static __thread u32 call_depth; /* To avoid recursion via fprintf() */
-static __thread u32 alloc_canary;
+static u32 alloc_canary;
 /* This is the main alloc function. It allocates one page more than necessary,
 sets that tailing page to PROT_NONE, and then increments the return address
-- 
cgit 1.4.1
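Review bot: The new `static u32 alloc_canary;` carries no comment explaining why it, unlike `total_mem` and `call_depth` on the context lines just above, must not be `__thread`; the reasoning lives only in the commit message, so the next reader has nothing in the code to stop them from putting `__thread` back. In the file's aligned-comment style I would write `static u32 alloc_canary;                /* Shared by all threads: a block may be freed on another thread */`. Because the variable is now visible to every thread, any store to it has to happen before the process becomes multi-threaded (presumably in the library's initializer, which is outside this hunk) or it races against concurrent canary checks in free(); a one-line note stating that write-once contract would be worth adding next to the store. The same cross-thread argument appears to apply to the still-thread-local `total_mem` on the first context line, since a block allocated on one thread and freed on another would be accounted on two different counters, but that is pre-existing and not part of this change.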