Content deleted Content added
Change relative date to an absolute one (so it can't go stale)
Drop reference to Electric Fence: it's unrelated and Bruce Perens has no relationship whatsoever with OpenBSD.
Line 20:
OpenBSD 3.4 introduced [[W^X]], a memory management scheme to ensure that memory is either writable or executable, but never both, which provides another layer of protection against buffer overflows. While this is relatively easy to implement on a platform like [[x86-64]], which has hardware support for the [[NX bit]], OpenBSD is one of the few OSes to support this on the generic i386 platform,<ref>{{Cite web|url=http://www.openbsd.org/58.html|title=OpenBSD 5.8|website=OpenBSD|access-date=May 28, 2016|quote=Support for the NX (No-eXecute) bit on i386, resulting in much better W^X enforcement in userland for hardware that has this feature.}}</ref> which lacks built in per-page execute controls.
During the development cycle of the 3.8 release, changes were made to the <code>[[malloc]]</code> memory management functions. In traditional Unix operating systems, <code>malloc</code> allocates more memory by extending the Unix data segment, a practice that has made it difficult to implement strong protection against security problems.{{vague|date=May 2016}} The <code>malloc</code> implementation now in OpenBSD makes use of the <code>[[mmap]]</code> system call, which was modified so that it returns random memory addresses and ensures that different areas are not mapped next to each other. In addition, allocation of small blocks in shared areas are now randomized and the <code>free</code> function was changed to return memory to the kernel immediately rather than leaving it mapped into the process. A number of additional, optional checks were also added to aid in development.{{citation needed|reason=IIRC, this is mentioned in the malloc.conf man page|date=May 2016}} These features make program bugs easier to detect and harder to exploit: instead of memory being corrupted or an invalid access being ignored, they often result in a [[SIGSEGV|segmentation fault]] and abortion of the process. This has brought to light several issues with software running on OpenBSD 3.8, particularly with programs reading beyond the start or end of a buffer, a type of bug that would previously not be detected directly but can now cause an error.{{Citation needed|date=May 2016}} These abilities took more than three years to implement without considerable performance loss
== Cryptography and randomization ==
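Review bot: The last sentence of the malloc paragraph ends at "without considerable performance loss" with no full stop; if the Electric Fence clause was cut from the end of that sentence, the terminating period needs to be put back. The same paragraph still reads "The <code>malloc</code> implementation now in OpenBSD", which is the kind of relative wording the edit summary sets out to remove, so consider tying it to the 3.8 release already named in the paragraph's first sentence. The {{vague}} and {{citation needed}} tags on the data-segment and optional-checks claims are left unresolved, and in the W^X paragraph "built in per-page execute controls" should be hyphenated as "built-in".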