On Wed, Aug 29, 2018 at 10:58:56PM +0200, Jann Horn wrote: > This ensures that any attempts to access memory directly after the input > buffer or delta buffer in a delta test will cause a segmentation fault. > > Inspired by vsftpd. Neat trick, but it seems funny to protect this one buffer in non-production code. Obviously you were interested in demonstrating the issue for your tests, but do we want to carry this all the time? If we want to detect this kind of thing in tests, we should probably be relying on tools like ASan, which would cover all mmaps. It would be nice if there was a low-cost way to detect this in production use, but it looks like this replaces mmap with read_in_full(), which I think is a non-starter for most uses. -Peff
