Re: Avice about the importance of heap overflow in hdf5

[Raphael Hertzog <hertzog@debian.org>]

Hi,

On Fri, 25 Nov 2016, Ola Lundqvist wrote:
> Thank you for the information that it is glibc that "protect". Do we know
> that glibc in wheezy do this or is this a more recent thing?

AFAIK glibc does not "protect", it adds canaries to detect when it happens,
but it cannot avoid them. And it detects them possibly way later when
memory is freed (unless the overrun is done by glibc functions I guess).

https://security.stackexchange.com/questions/64182/does-glibc-use-canary-checking-to-prevent-heap-buffer-overflow

But it's hard to find any official documentation about what glibc really does.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/