DO NOT MERGE Randomize allocation canary
A static allocation canary can be bypassed by buffer overflow
exploit code, so this randomizes it on every run.
Bug: 27411268
Change-Id: I81b06f89951a012c08d846042653ec957f3e9127
(cherry picked from commit 7c054350fb7da9da1fdb86e7f7b9a801cf1c39e4)
diff --git a/osi/src/allocation_tracker.cc b/osi/src/allocation_tracker.cc
index c4f9705..1b8d5a1 100644
--- a/osi/src/allocation_tracker.cc
+++ b/osi/src/allocation_tracker.cc
@@ -37,15 +37,21 @@
bool freed;
} allocation_t;
-static const char *canary = "tinybird";
-
-static size_t canary_size;
+static const size_t canary_size = 8;
+static char canary[canary_size];
static std::unordered_map<void*, allocation_t*> allocations;
static pthread_mutex_t lock;
static bool enabled = false;
void allocation_tracker_init(void) {
- canary_size = strlen(canary);
+ if (enabled)
+ return;
+
+ // randomize the canary contents
+ for (size_t i = 0; i < canary_size; i++)
+ canary[i] = (char)osi_rand();
+
+ LOG_DEBUG(LOG_TAG, "canary initialized");
pthread_mutex_init(&lock, NULL);
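Review bot: The loop at `canary[i] = (char)osi_rand();` makes the canary exactly as unpredictable as `osi_rand()`, whose implementation is not visible in this hunk; if it is backed by a seeded PRNG rather than the kernel's random source, the canary stays guessable and the change misses its stated goal. Confirm that and record the requirement next to the loop, e.g. `// osi_rand() must draw from a cryptographically secure source; the canary is a secret`. `canary` is also now an 8-byte binary array with no terminator that may contain zero bytes, so any code outside this hunk that still treats it as a C string (the removed line used `strlen(canary)`) has to compare and copy it with `memcmp`/`memcpy` and `canary_size`. Separately, the new `if (enabled) return;` guard reads `enabled` without holding `lock`, which is only initialized further down, so concurrent first calls do not appear to be serialized; the rest of `allocation_tracker_init` lies outside the hunk.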