Bugtraq mailing list archives
Re: ZLib double free bug: Windows NT potentially unaffected
From: Casper Dik <Casper.Dik () Sun COM>
Date: Fri, 15 Mar 2002 00:12:16 +0100
ZLib implementations on Windows NT should be unaffected by the "double free" bug, as long as they use the heap management functions of the Runtime Library (RTL), or any front-end to them, since these functions do a pretty good job at preventing heap corruption and access violations
Catching double free()s is one thing, preventing heap corruption is quite something different. If a piece of memory is freed twice, it can be handed back out before the second (incorrect) free occurs. Aside, if double free catching alone is sufficient to be considered safe from this zlib bug, then Solaris standard libc malloc is also safe; it catches double frees in several ways. (Last value free()d w/o intervening value; checks for existance on the free list and whether it is marked free) Casper
Current thread:
- ZLib double free bug: Windows NT potentially unaffected KJK::Hyperion (Mar 14)
- Re: ZLib double free bug: Windows NT potentially unaffected Casper Dik (Mar 14)
- Re: ZLib double free bug: Windows NT potentially unaffected Dragos Ruiu (Mar 15)
- Re: ZLib double free bug: Windows NT potentially unaffected Dragos Ruiu (Mar 14)
- <Possible follow-ups>
- RE: ZLib double free bug: Windows NT potentially unaffected Robert Collins (Mar 14)
- Re: ZLib double free bug: Windows NT potentially unaffected Martijn Lievaart (Mar 15)