Check Point proposes the Safe-Linking protection mechanism, which makes vulnerabilities harder to exploit

The security company Check Point has proposed the Safe-Linking protection mechanism, which makes it harder to build exploits that manipulate the definition or modification of pointers to buffers allocated by calls to malloc. Safe-Linking does not completely block the exploitation of vulnerabilities, but at minimal overhead it significantly complicates the creation of certain categories of exploits, since besides the exploitable buffer overflow a second vulnerability, one that leaks information about the placement of the heap in memory, also has to be found.

Patches implementing Safe-Linking have been prepared for Glibc (ptmalloc), uClibc-NG (dlmalloc), gperftools (tcmalloc) and Google TCMalloc, and they have also been proposed as a security improvement for Chromium (since 2012 Chromium has already had the MaskPtr protection technique, aimed at solving the same problem, but the Check Point solution shows higher performance).
The proposed patches have already been accepted for the August release of Glibc 3.32, in which Safe-Linking will be enabled by default. uClibc-NG gained Safe-Linking support in release 1.0.33, where it is enabled by default. The change to gperftools (the old tcmalloc) has been accepted, but will be offered as an option in a future release.

The TCMalloc developers (the new tcmalloc) declined to accept the change, citing a serious performance penalty and the need for extensive additional tests to regularly verify that everything works as expected. Testing by Check Point engineers showed that the Safe-Linking method does not lead to additional memory consumption, and that the performance of heap operations drops on average by only 0.02%, and by 1.5% in the worst case (for comparison, the overhead of the method used in Chromium is estimated at "less than 2%"). Enabling Safe-Linking results in 2-3 additional assembly instructions being executed each time free() is called, and 3-4 instructions each time malloc() is called. No initialization stage and no random value generation are required.


Safe-Linking can be used not only to improve the security of various heap implementations, but also to add integrity control to any data structure that uses a singly linked list of pointers stored alongside the buffers themselves. The method is very simple to implement and only requires adding one macro and applying it to the next-block pointers in the code (for Glibc, for example, only a few lines of code change). The method comes down to the following change:

+#define PROTECT_PTR(pos, ptr) \
+  ((__typeof (ptr)) ((((size_t) pos) >> 12) ^ ((size_t) ptr)))

+#define REVEAL_PTR(ptr)  PROTECT_PTR (&ptr, ptr)

- nextp = p->fd;
+ nextp = REVEAL_PTR (p->fd);
...
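Review bot: the excerpt shows only the read side; for REVEAL_PTR (p->fd) to yield the original pointer, every store into fd must be written as PROTECT_PTR (&p->fd, value) with the same address as the mask input, and REVEAL_PTR must be applied to the stored field itself rather than to a local copy, because the macro takes &ptr as L and a copy would decode with the wrong key. The literal `>> 12` also hardcodes a 4096-byte page, which the text later describes as PAGE_SHIFT; using that name in the macro would make the assumption explicit.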

The essence of the method is to use random bits from the ASLR address randomization mechanism (mmap_base) to protect singly linked lists such as Fast-Bins and TCache. Before a stored value is used as the pointer to the next element of the list, it undergoes a mask transformation and a page-alignment check. The pointer is replaced by the result of the operation "(L >> PAGE_SHIFT) XOR (P)", where P is the pointer value and L is the memory location where the pointer is stored.


When ASLR (Address Space Layout Randomization) is enabled on the system, part of the bits of L, together with the heap base address, contain random values that act as a key for encoding P (the 12-bit shift corresponds to 4096-byte pages). This masking reduces the risk of pointer hijacking in an exploit, since the pointer is not stored in its original form and replacing it requires knowledge of the heap layout. In addition, the unpacking code contains an extra check of block alignment, which prevents an attacker from substituting an unaligned value for the pointer and requires knowledge of the number of alignment bits; on 64-bit systems this blocks 15 out of 16 attack attempts that do not take alignment into account.
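The masking and alignment check described in the two paragraphs above, as an added example that is not glibc's or Check Point's code: the PROTECT_PTR/REVEAL_PTR macros from the diff applied to a small singly linked free list, with a corrupted stored pointer caught by the alignment check. The chunk layout, the 16-byte alignment constant and the push/pop helpers are the example's own assumptions.

```c
#include <stddef.h>
/* Added example, not glibc's code: the Safe-Linking transform from the article.
 * pos is the address L where the pointer is stored, ptr the pointer P; the stored
 * word is (L >> PAGE_SHIFT) XOR P, and the same macro at that address reveals P. */
#define PAGE_SHIFT 12
#define PROTECT_PTR(pos, ptr) \
    ((__typeof (ptr)) ((((size_t) pos) >> PAGE_SHIFT) ^ ((size_t) ptr)))
#define REVEAL_PTR(ptr) PROTECT_PTR (&ptr, ptr)
/* Assumed 16-byte chunk alignment (64-bit glibc): a genuine chunk pointer has
 * its low 4 bits clear, which is what the alignment check relies on. */
#define MALLOC_ALIGNMENT 16
#define aligned_OK(p) ((((size_t) (p)) & (MALLOC_ALIGNMENT - 1)) == 0)
struct chunk { struct chunk *fd; char payload[56]; };
static _Alignas(MALLOC_ALIGNMENT) struct chunk pool[3];  /* constructed chunks */

/* Push onto a singly linked free list: fd holds only the masked next pointer. */
static void push(struct chunk **head, struct chunk *c) {
    c->fd = PROTECT_PTR(&c->fd, *head);
    *head = c;
}

/* Pop: unmask fd and refuse to follow it when it is not chunk-aligned
 * (glibc aborts at the corresponding check instead of returning NULL). */
static struct chunk *pop(struct chunk **head) {
    struct chunk *c = *head;
    if (c == NULL) return NULL;
    struct chunk *next = REVEAL_PTR(c->fd);
    if (next != NULL && !aligned_OK(next)) return NULL;  /* corruption detected */
    *head = next;
    return c;
}

/* 1 if three chunks round-trip in LIFO order and the stored word is really masked. */
int roundtrip_ok(void) {
    struct chunk *head = NULL;
    for (int i = 0; i < 3; i++) push(&head, &pool[i]);
    int masked = pool[2].fd != &pool[1];
    return masked && pop(&head) == &pool[2] && pop(&head) == &pool[1]
        && pop(&head) == &pool[0] && pop(&head) == NULL && head == NULL;
}

/* One flipped bit in the stored fd flips a low bit of the revealed pointer, so the
 * alignment check rejects the list and leaves head untouched. */
int corruption_detected(void) {
    struct chunk *head = NULL;
    push(&head, &pool[0]);
    push(&head, &pool[1]);
    pool[1].fd = (struct chunk *) ((size_t) pool[1].fd ^ 1u);
    return pop(&head) == NULL && head == &pool[1];
}
```

Because all three constructed chunks sit on the same page, they share the same mask key here; on a real heap under ASLR the high bits of L are randomized per process.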

The method is effective against attacks that use partial pointer overwriting (changing the low bytes), full pointer overwriting (redirecting to attacker code), and moving the list position to an unaligned address. As an example, it is shown that using Safe-Linking in malloc would have blocked exploitation of CVE-2020-6007, a vulnerability recently identified by the same researchers in the Philips Hue Bridge smart lighting controller, which is caused by a buffer overflow and allows control of the device to be gained.

Source: opennet.ru
