This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: PATCH: BPs in malloc.c

To: greg at mcgary dot org
Subject: Re: PATCH: BPs in malloc.c
From: Wolfram Gloger <wmglo at dent dot med dot uni-muenchen dot de>
Date: 27 Jul 2000 08:48:36 -0000
CC: libc-hacker at sourceware dot cygnus dot com
References: <200007260817.BAA04085@kayak.mcgary.org>

> No runtime test regressions on i686.
> 
> OK?
> 
> 2000-07-26  Greg McGary  <greg@mcgary.org>
> 
> 	* malloc/malloc.c (bp-checks.h): Add #include.
> 	(mem2chunk, chunk_at_offset, bin_at): Wrap BOUNDED_1 around expression.
> 	(_bin_at): Add unbounded version of bin_at.
> 	(IAV, chunk_alloc): Use unbounded _bin_at.
> 	(mALLOc, rEALLOc, chunk_realloc, mEMALIGn, cALLOc,
> 	chunk2mem_check, realloc_check, malloc_starter, malloc_atfork):
> 	Wrap BOUNDED_N around return value.
> 	(chunk_realloc): Adjust oldsize once.

Looks fine to me, except for the bounded pointer size in
chunk2mem_check().  I think the following additional patch is
necessary.

If you do runtime tests, please also do a test with MALLOC_CHECK_ set
(to 1 or 2).

Regards,
Wolfram.

2000-07-27  Wolfram Gloger  <wg@malloc.de>

	* malloc/malloc.c (chunk2mem_check): Fix bounded pointer size.
	* malloc/malloc.c [! _LIBC]: Define RETURN_ADDRSS.

Index: libc/malloc/malloc.c
===================================================================
RCS file: /cvs/glibc/libc/malloc/malloc.c,v
retrieving revision 1.68
diff -u -r1.68 malloc.c
--- malloc.c	2000/07/26 18:19:03	1.68
+++ malloc.c	2000/07/27 08:44:08
@@ -316,6 +316,7 @@
 
 #ifndef _LIBC
 # define __secure_getenv(Str) getenv (Str)
+# define RETURN_ADDRESS(Ptr) __builtin_return_address (Ptr)
 #endif
 
 /* Macros for handling mutexes and thread-specific data.  This is
@@ -4381,12 +4382,12 @@
 chunk2mem_check(p, sz) mchunkptr p; size_t sz;
 #endif
 {
-  unsigned char* m_ptr = (unsigned char*)BOUNDED_N(chunk2mem(p), sz);
+  /* Available size for detector bytes.  */
+  size_t asz = chunksize(p) - (chunk_is_mmapped(p) ? 2*SIZE_SZ : SIZE_SZ);
+  unsigned char* m_ptr = (unsigned char*)BOUNDED_N(chunk2mem(p), asz);
   size_t i;
 
-  for(i = chunksize(p) - (chunk_is_mmapped(p) ? 2*SIZE_SZ+1 : SIZE_SZ+1);
-      i > sz;
-      i -= 0xFF) {
+  for(i = asz-1; i > sz; i -= 0xFF) {
     if(i-sz < 0x100) {
       m_ptr[i] = (unsigned char)(i-sz);
       break;

Follow-Ups:
- Re: PATCH: BPs in malloc.c
  - From: Greg McGary

References:
- PATCH: BPs in malloc.c
  - From: Greg McGary

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]