Completed
jemalloc basic design
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Exploiting the Jemalloc Memory Allocator - Owning Firefox's Heap
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Outline
- 3 jemalloc flavors... yummy
- 4 SMP systems & multithreaded applications
- 5 jemalloc overview
- 6 Central concepts
- 7 jemalloc basic design
- 8 Chunks (arena_chunk_t)
- 9 Runs (arena_run_t)
- 10 Regions
- 11 Region size classes
- 12 Bins (arena bin_t)
- 13 Architecture of jemalloc
- 14 Allocation algorithm
- 15 No unlinking, no frontlinking
- 16 Exploitation techniques
- 17 Adjacent memory overwrite
- 18 Run header corruption
- 19 OS X and gdb/Python
- 20 unmask_jemalloc
- 21 Firefox heap manipulation
- 22 CVE-2011-3026
- 23 The vulnerability
- 24 Mitigations
- 25 Redzone
- 26 Concluding remarks
- 27 Acknowledgements
- 28 References