Home page logo

bugtraq logo Bugtraq mailing list archives

Re: ZLib double free bug: Windows NT potentially unaffected
From: Casper Dik <Casper.Dik () Sun COM>
Date: Fri, 15 Mar 2002 00:12:16 +0100

ZLib implementations on Windows NT should be unaffected by the "double 
free" bug, as long as they use the heap management functions of the Runtime 
Library (RTL), or any front-end to them, since these functions do a pretty 
good job at preventing heap corruption and access violations

Catching double free()s is one thing, preventing heap corruption is
quite something different.

If a piece of memory is freed twice, it can be handed back out before the
second (incorrect) free occurs.

Aside, if double free catching alone is sufficient to be considered
safe from this zlib bug, then Solaris standard libc malloc is also safe;
it catches double frees in several ways.  (Last value free()d w/o
intervening value; checks for existance on the free list and whether it
is marked free)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]