Hacker News new | past | comments | ask | show | jobs | submit login

IIRC, the allocator would possess a capability with authority over the whole heap, and it can derive a new pointer using that capability and the address of the block that's being freed.

Obviously, it should make sure that the capability passed to free has full authority over the block first, or else it may end up vulnerable to confused deputy attacks.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: