Reads on Security (topic: double free)

I spent a fairly long period without writing on this phlog.
Besides being quite busy with work, I didn't feel very inspired
to do so.  It is time to resume this practice, as much as my
limited spare time allows me to.

A few weeks ago I wanted to update these pages, since I've been
reading up on certain security topics, of which I'd like to keep
some bookmarks.

I will keep things minimal.  As a matter of fact, the least I
type, the more time I'm left with to learn.

1.  https://github.com/stong/how-to-exploit-a-double-free
Very interesting even if I didn't try the CTF.
To understand certain things I will need more info on the system
calls.
Status: Partially read.

2. https://people.eecs.berkeley.edu/~kubitron/courses/cs194-24-S14/hand-outs/bonwick_slab.pdf
Suggested by a colleague, a very good paper.
Status: Complete.

https://hammertux.github.io/slab-allocator
Out of scope beyond a certain point.
Status: Partially read.

https://sourceware.org/glibc/wiki/MallocInternals
About malloc pools, hard to follow as it is often the case for
GNU products >:-/
Status: Partially read.

You are viewing proxied material from dacav.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.