mirror of
https://github.com/fergalmoran/ladybird.git
synced 2025-12-27 19:59:17 +00:00
In particular, we track separately whether each AtExitEntry has already been called, through a separate Bitmap. This has several side-effects:

- We now call malloc() during __cxa_finalize(). I believe this is fine, and at that point during program execution memory pressure should be low anyway.
- An attacker could prevent arbitrary entries from executing by writing to atexit_called_entries. However, this already was possible (by setting atexit_entry_count to zero), and this path is even more troublesome (the attacker needs to overwrite atexit_called_entries, and a region serving as *atexit_called_entries.m_data, and magically know exactly how many entries already exist.)
- This reduces the size of AtExitEntry from 16 to 12 (on i686). As such, we can reduce the initial memory allocation from two to one page, reducing the initial capacity from 512 to 341 entries (or 256 to 170, on x86_64). It seems that most programs only use 36-47 entries anyway. For 'true', this shaves off about 69 syscalls, as measured by strace.
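As an added illustration of the scheme the message describes (this is constructed example code, not the commit's or the project's own implementation), the model below keeps every registered entry in its table and records in a separate bitmap which ones have run, so a handler registered during finalization is still picked up and no handler runs twice. It uses a static bitmap instead of the malloc()'d one the message mentions; the names my_atexit, my_finalize and demo_run are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model: entries are never removed from the table; a separate
 * bitmap records which ones have already been called. */
typedef void (*exit_fn)(void *);
struct at_exit_entry { exit_fn fn; void *arg; };

#define MAX_ENTRIES 64
static struct at_exit_entry entries[MAX_ENTRIES];
static size_t entry_count;
static uint8_t called_bits[MAX_ENTRIES / 8];   /* one "already called" bit per entry */

static int bit_get(size_t i) { return (called_bits[i / 8] >> (i % 8)) & 1; }
static void bit_set(size_t i) { called_bits[i / 8] |= (uint8_t)(1u << (i % 8)); }

int my_atexit(exit_fn fn, void *arg) {
    if (entry_count >= MAX_ENTRIES) return -1;
    entries[entry_count].fn = fn;
    entries[entry_count].arg = arg;
    entry_count++;
    return 0;
}

/* Runs handlers newest-first. Each pass rescans from the current count, so an
 * entry registered by a running handler is executed next. The bit is set
 * before the call, so a reentrant finalize cannot run the same entry twice.
 * Returns how many handlers ran on this call; a second call returns 0. */
size_t my_finalize(void) {
    size_t ran = 0;
    for (;;) {
        size_t i = entry_count;
        while (i > 0 && bit_get(i - 1)) i--;   /* skip the already-called block at the top */
        if (i == 0) return ran;
        bit_set(i - 1);
        entries[i - 1].fn(entries[i - 1].arg);
        ran++;
    }
}

/* Demo: handlers append a letter to a trace; handler 'c' registers 'z' while finalizing. */
static char trace[16];
static size_t trace_len;
static void push(void *a) { trace[trace_len++] = *(const char *)a; trace[trace_len] = '\0'; }
static void push_and_register(void *a) { static char z = 'z'; push(a); my_atexit(push, &z); }

const char *demo_run(void) {
    static char a = 'a', b = 'b', c = 'c';
    entry_count = 0; trace_len = 0; trace[0] = '\0';
    memset(called_bits, 0, sizeof called_bits);
    my_atexit(push, &a); my_atexit(push, &b); my_atexit(push_and_register, &c);
    my_finalize();
    return trace;   /* "czba": c ran, registered z, then z, b, a */
}
```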