This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH][BZ #1349] Return requested size for malloc_usable_size when MALLOC_CHECK_ > 0


On 08/31/2012 03:02 PM, Siddhesh Poyarekar wrote:

When MALLOC_CHECK_ is exported as a positive value (which I am doing
for this test), malloc_usable_size should return exactly 7, since the
malloc_check code adds a magic number at p[7] if p is the mem pointer.
Anything greater than that and the user may risk writing over the magic
value and tripping an assertion during free.

The "7" depends on malloc allocation granularity. On x86_64, the magic number is not 7, but 23, and malloc_usable_size(malloc(7)) == 24.


I'm not sure how to test this in a robust manner. Perhaps you could use a loop and look for a bump in malloc_usable_size, and make sure that the size after the bump is not divisible by 4?

--
Florian Weimer / Red Hat Product Security Team
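
The loop-based check suggested in the message above, written out as an added example; it is not code from the thread or from glibc, and `find_first_bump` and `struct bump` are names chosen here. It assumes a libc that provides `malloc_usable_size` in `<malloc.h>`, and it also writes every byte reported as usable so that an over-reported size is caught by `free`.

```c
#include <malloc.h>   /* malloc_usable_size() on glibc and musl */
#include <stdio.h>
#include <stdlib.h>

struct bump {          /* hypothetical helper type for this example */
    size_t request;    /* first request size whose usable size grew */
    size_t before;     /* usable size reported for request - 1 */
    size_t after;      /* usable size reported for request */
};

/* Scan request sizes 1..max. Returns 0 and fills *out at the first bump,
 * -1 if no bump was seen, -2 on malloc failure or usable < requested. */
int find_first_bump(size_t max, struct bump *out)
{
    size_t prev = 0;
    for (size_t n = 1; n <= max; n++) {
        volatile unsigned char *p = malloc(n);
        if (p == NULL)
            return -2;
        size_t usable = malloc_usable_size((void *)p);
        /* Write every byte the allocator claims is usable. If the reported
         * size covers the MALLOC_CHECK_ magic byte, free() below aborts. */
        for (size_t i = 0; i < usable; i++)
            p[i] = 0xA5;
        free((void *)p);
        if (usable < n)
            return -2;
        if (n > 1 && usable > prev) {
            out->request = n;
            out->before = prev;
            out->after = usable;
            return 0;
        }
        prev = usable;
    }
    return -1;
}

int main(void)
{
    struct bump b;
    if (find_first_bump(4096, &b) != 0)
        return 1;
    /* Run with MALLOC_CHECK_ exported to exercise the checked allocator. */
    printf("bump at request %zu: %zu -> %zu, after %% 4 = %zu\n",
           b.request, b.before, b.after, b.after % 4);
    return 0;
}
```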

