From patchwork Tue Nov 7 15:27:06 2017
X-Patchwork-Submitter: Istvan Kurucsai
X-Patchwork-Id: 24139
Delivered-To: mailing list libc-alpha@sourceware.org
From: Istvan Kurucsai To: libc-alpha@sourceware.org Cc: Istvan Kurucsai Subject: [PATCH v2 3/7] malloc: Ensure that the consolidated fast chunk has a sane size. Date: Tue, 7 Nov 2017 16:27:06 +0100 Message-Id: <1510068430-27816-4-git-send-email-pistukem@gmail.com> In-Reply-To: <1510068430-27816-1-git-send-email-pistukem@gmail.com> References: <1510068430-27816-1-git-send-email-pistukem@gmail.com> * malloc/malloc.c (malloc_consolidate): Add size check. --- malloc/malloc.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/malloc/malloc.c b/malloc/malloc.c index d3fac7e..51d703c 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -4406,6 +4406,7 @@ static void malloc_consolidate(mstate av) mfastbinptr* fb; /* current fastbin being consolidated */ mfastbinptr* maxfb; /* last fastbin (for loop control) */ mchunkptr p; /* current chunk being consolidated */ + unsigned int idx; /* fastbin index of current chunk */ mchunkptr nextp; /* next chunk to consolidate */ mchunkptr unsorted_bin; /* bin header */ mchunkptr first_unsorted; /* chunk to link to */ @@ -4437,6 +4438,10 @@ static void malloc_consolidate(mstate av) p = atomic_exchange_acq (fb, NULL); if (p != 0) { do { + idx = fastbin_index (chunksize (p)); + if ((&fastbin (av, idx)) != fb) + malloc_printerr ("malloc_consolidate(): invalid chunk size"); + check_inuse_chunk(av, p); nextp = p->fd;
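Review bot: in the first hunk, idx is added to the function-scope declarations of malloc_consolidate, but the patch only uses it for the size check inside the do-loop. Declaring it where it is assigned, in a small block around the check ("unsigned int idx = fastbin_index (chunksize (p));"), keeps the variable from being read stale elsewhere in the function and leaves the p and nextp declarations adjacent.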
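Review bot: in the second hunk, idx comes from chunksize (p), the very field this check treats as untrusted, so it is not bounded by the number of fastbins when "&fastbin (av, idx)" is formed. The hunk only compares the resulting address with fb and never reads through it, but a short comment stating that, plus the invariant being enforced (a chunk taken from bin fb must have a size that maps back to fb), would help later readers. Alternatively, the index of fb could be compared with idx directly. Two smaller points: the outer parentheses around "&fastbin (av, idx)" are redundant, and the diffstat shows only malloc/malloc.c changing, so a regression test that expects the "malloc_consolidate(): invalid chunk size" abort would be a useful addition.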