New options 'S', as a shorthand for the options most suitable as an

extra safeguard (FGJ). Idea from deraadt@; ok deraadt@ dlg@

2 files changed, 9 insertions, 3 deletions

diff --git a/lib/libc/stdlib/malloc.3 b/lib/libc/stdlib/malloc.3
index e0edd9446e9..71962c565bf 100644
--- a/lib/libc/stdlib/malloc.3
+++ b/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"	$OpenBSD: malloc.3,v 1.63 2009/10/10 18:36:52 otto Exp $
+.\"	$OpenBSD: malloc.3,v 1.64 2010/01/13 12:40:11 otto Exp $
 .\"
-.Dd $Mdocdate: October 10 2009 $
+.Dd $Mdocdate: January 13 2010 $
 .Dt MALLOC 3
 .Os
 .Sh NAME
@@ -272,6 +272,8 @@ This can substantially aid in compacting memory.
 .\".Xr ktrace 1
 .\"for all operations.
 .\"Consult the source for this one.
+.It Cm S
+Enable all options suitable for security auditing.
 .It Cm X
 .Dq xmalloc .
 Rather than return failure,
diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c
index 9bdea862f2d..9cee3e5935f 100644
--- a/lib/libc/stdlib/malloc.c
+++ b/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: malloc.c,v 1.123 2009/12/16 08:23:53 otto Exp $	*/
+/*	$OpenBSD: malloc.c,v 1.124 2010/01/13 12:40:11 otto Exp $	*/
 /*
  * Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
  *
@@ -661,6 +661,10 @@ omalloc_init(struct dir_info **dp)
 			case 'R':
 				mopts.malloc_realloc = 1;
 				break;
+			case 'S':
+				mopts.malloc_freeprot = mopts.malloc_junk = 1;
+				mopts.malloc_guard = MALLOC_PAGESIZE;
+				break;
 			case 'x':
 				mopts.malloc_xmalloc = 0;
 				break;