malloc: Abort on heap corruption, without a backtrace [BZ #21754]

The stack trace printing caused deadlocks and has been itself been
targeted by code execution exploits.

1 files changed, 9 insertions, 11 deletions

diff --git a/manual/memory.texi b/manual/memory.texi
index 82f473806c..13cce7a750 100644
--- a/manual/memory.texi
+++ b/manual/memory.texi
@@ -1309,17 +1309,15 @@ The block was already freed.
 
 Another possibility to check for and guard against bugs in the use of
 @code{malloc}, @code{realloc} and @code{free} is to set the environment
-variable @code{MALLOC_CHECK_}.  When @code{MALLOC_CHECK_} is set, a
-special (less efficient) implementation is used which is designed to be
-tolerant against simple errors, such as double calls of @code{free} with
-the same argument, or overruns of a single byte (off-by-one bugs).  Not
-all such errors can be protected against, however, and memory leaks can
-result.  If @code{MALLOC_CHECK_} is set to @code{0}, any detected heap
-corruption is silently ignored; if set to @code{1}, a diagnostic is
-printed on @code{stderr}; if set to @code{2}, @code{abort} is called
-immediately.  This can be useful because otherwise a crash may happen
-much later, and the true cause for the problem is then very hard to
-track down.
+variable @code{MALLOC_CHECK_}.  When @code{MALLOC_CHECK_} is set to a
+non-zero value, a special (less efficient) implementation is used which
+is designed to be tolerant against simple errors, such as double calls
+of @code{free} with the same argument, or overruns of a single byte
+(off-by-one bugs).  Not all such errors can be protected against,
+however, and memory leaks can result.
+
+Any detected heap corruption results in immediate termination of the
+process.
 
 There is one problem with @code{MALLOC_CHECK_}: in SUID or SGID binaries
 it could possibly be exploited since diverging from the normal programs