This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
On 11/07/2017 04:27 PM, Istvan Kurucsai wrote:
Ensure that the size of top is below av->system_mem. * malloc/malloc.c (_int_malloc): Check top size. --- malloc/malloc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/malloc/malloc.c b/malloc/malloc.c index f94d51c..4a30c42 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -4078,6 +4078,10 @@ _int_malloc (mstate av, size_t bytes)if ((unsigned long) (size) >= (unsigned long) (nb + MINSIZE)){ + if (__glibc_unlikely ((unsigned long) (size) > + (unsigned long) (av->system_mem))) + malloc_printerr("malloc(): corrupted top chunk"); +
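Review bot: The added test in _int_malloc carries no comment saying why av->system_mem is a valid upper bound on the size of top, and the whole check rests on that invariant; a one-line comment above the new `if` would record it and make clear the test is aimed at an inflated top size. Note also that the test sits inside the `size >= nb + MINSIZE` branch, so it is evaluated only when the request is being served from top. On style, GNU formatting wants a space before the parenthesis in `malloc_printerr("malloc(): corrupted top chunk")`, and the `>` should start the continuation line rather than end the first line of the condition.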
Andreas already pointed out style issues. I'm somewhat surprised that we have accurate accounting in av->system_mem. Furthermore, for non-main arenas, I think the check should be against the size of a single heap, or maybe the minimum of av->system_mem and that size.
Thanks, Florian