Bionic Buffalo Tech Note #102: Using the Ivory Coast Memory Management Routines
When canaries are requested, then the library also allocates a suffix after the user area. In the current
implementation, the suffix consists only of the canary. (In future implementations, planned for typed or
tagged memory, the suffix may also contain type data or other varying length information.)
Allocating and Releasing Memory
To obtain memory, the application calls

    civ_status_T civ_memory_allocate
        ( size_t size,
          uint8_t region,
          void ** pointer,
          civ_flags_T flags ) ;

The size is the amount of memory requested by the application. It does not include any prefix or suffix size.
The region is the pool from which memory is to be allocated. In the default implementation, the only meaningful region is CIV_MEMORY_REGION_HEAP, which obtains the buffer using malloc(). In other versions, special regions may be defined. For example, a driver sharing a memory buffer with a network card might define CIV_MEMORY_REGION_ADAPTER.
Currently, there are eight user flags and five library flags defined.
The user flags are the least significant eight bits of the flags, and may be set in any combination entirely at the discretion of the application. The user flags are kept with the block (in the prefix), and may be retrieved at any later time by civ_memory_flags_get(). The application might (for example) use them to remember the purpose or type of data in a block, the task or program which allocated the block, or whether the block was locked or otherwise put to some special use.
The library flags modify the behaviour of the memory allocation API.
CIV_MEMORY_FLAG_CLEAR_ALLOCATED causes the library to zero the new block before returning it to the caller. This is similar to the effect of using calloc() instead of malloc().
CIV_MEMORY_FLAG_CLEAR_RELEASED will cause the library to zero the block when (and if) it is finally released. The main intended purpose for this is security: if the buffer will be used to contain confidential information, then zeroing it will make it more difficult for an attacker to acquire the contents.
CIV_MEMORY_FLAG_PANIC_NO_MEMORY will cause the library to terminate the process by calling exit() in case insufficient memory is available to satisfy the request.
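The canary suffix and the clear-on-release behaviour described above can be sketched as follows. This is an added example, not Bionic Buffalo's code: the demo_* names, the flag bit position, the canary value and the size field in the prefix are assumptions made for illustration; only the layout (prefix holding the flags, user area, canary suffix) comes from the text.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names, values and prefix contents; not the library's definitions. */
#define DEMO_FLAG_CLEAR_RELEASED 0x100u      /* library flag, above the 8 user-flag bits */
static const uint32_t DEMO_CANARY = 0xC0FFEE11u;   /* constructed value */

typedef struct { size_t size; uint32_t flags; } demo_prefix_T;

/* Block layout: [prefix][user area of `size` bytes][canary suffix]. */
void *demo_allocate(size_t size, uint32_t flags) {
    if (size > SIZE_MAX - sizeof(demo_prefix_T) - sizeof DEMO_CANARY) return NULL;
    demo_prefix_T *pre = malloc(sizeof *pre + size + sizeof DEMO_CANARY);
    if (pre == NULL) return NULL;
    pre->size = size;
    pre->flags = flags;
    memcpy((uint8_t *)(pre + 1) + size, &DEMO_CANARY, sizeof DEMO_CANARY);
    return pre + 1;
}

static const demo_prefix_T *demo_prefix(const void *p) {
    return (const demo_prefix_T *)p - 1;
}

/* User flags are the least significant eight bits, kept in the prefix. */
uint8_t demo_user_flags(const void *p) { return (uint8_t)(demo_prefix(p)->flags & 0xFFu); }

/* 1 if the suffix still holds the canary, 0 if something wrote past the user area. */
int demo_canary_intact(const void *p) {
    return memcmp((const uint8_t *)p + demo_prefix(p)->size, &DEMO_CANARY, sizeof DEMO_CANARY) == 0;
}

/* Zero through a volatile pointer: a plain memset() right before free() is a
   dead store that an optimizing compiler is allowed to remove. */
void demo_wipe(void *p) {
    volatile uint8_t *v = p;
    for (size_t i = 0; i < demo_prefix(p)->size; i++) v[i] = 0;
}

/* Returns 0 on a clean release, -1 if the canary was damaged. */
int demo_release(void *p) {
    int ok = demo_canary_intact(p);
    if (demo_prefix(p)->flags & DEMO_FLAG_CLEAR_RELEASED) demo_wipe(p);
    free((demo_prefix_T *)p - 1);
    return ok ? 0 : -1;
}
```

The wipe covers only the user area; a caller that also treats the flags or size as sensitive would have to clear the prefix as well.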