1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 08:14:58 +03:00

Heap area protection of memory has been enhanced.

When memory is released and reallocated, a random security value called a canary is written to the before/after area of memory, and if the value has been modified, the process is terminated (restarted) for safety, assuming it is a buffer overflow of the memory area. This feature may effectively prevent confidentiality or integrity violations in the event that some heap area overflow vulnerability is discovered in this system in the future.
This commit is contained in:
Daiyuu Nobori
2023-10-07 04:42:00 +02:00
committed by Davide Beatrici
parent c49e462ed1
commit 2dec52b875
9 changed files with 347 additions and 52 deletions

View File

@ -2008,6 +2008,68 @@ void UnixGetSystemTime(SYSTEMTIME *system_time)
pthread_mutex_unlock(&get_time_lock);
}
UINT64 UnixGetHighresTickNano64(bool raw)
{
#if defined(OS_WIN32) || defined(CLOCK_REALTIME) || defined(CLOCK_MONOTONIC) || defined(CLOCK_HIGHRES)
struct timespec t;
UINT64 ret;
static bool akirame = false;
if (akirame)
{
return UnixGetTick64() * 1000000ULL;
}
Zero(&t, sizeof(t));
if (raw == false)
{
// Function to get the boot time of the system
// Be careful. The Implementation is depend on the system.
#ifdef CLOCK_HIGHRES
clock_gettime(CLOCK_HIGHRES, &t);
#else // CLOCK_HIGHRES
#ifdef CLOCK_MONOTONIC
clock_gettime(CLOCK_MONOTONIC, &t);
#else // CLOCK_MONOTONIC
clock_gettime(CLOCK_REALTIME, &t);
#endif // CLOCK_MONOTONIC
#endif // CLOCK_HIGHRES
}
else
{
// Function to get the boot time of the system
// Be careful. The Implementation is depend on the system.
#ifdef CLOCK_HIGHRES
clock_gettime(CLOCK_HIGHRES, &t);
#else // CLOCK_HIGHRES
#ifdef CLOCK_MONOTONIC_RAW
clock_gettime(CLOCK_MONOTONIC_RAW, &t);
#else // CLOCK_MONOTONIC_RAW
#ifdef CLOCK_MONOTONIC
clock_gettime(CLOCK_MONOTONIC, &t);
#else // CLOCK_MONOTONIC
clock_gettime(CLOCK_REALTIME, &t);
#endif // CLOCK_MONOTONIC
#endif // CLOCK_MONOTONIC_RAW
#endif // CLOCK_HIGHRES
}
ret = ((UINT64)((UINT)t.tv_sec)) * 1000000000LL + (UINT64)t.tv_nsec;
if (akirame == false && ret == 0)
{
ret = UnixGetTick64() * 1000000ULL;
akirame = true;
}
return ret;
#else
return UnixGetTick64() * 1000000ULL;
#endif
}
// Get the system timer (64bit)
UINT64 UnixGetTick64()
{