From: Ulrich Drepper Date: Tue, 14 Dec 2004 21:18:36 +0000 (+0000) Subject: [BZ #457] X-Git-Tag: cvs/fedora-glibc-20041215T0847~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b102cfc2f96ac88aa75ed558c1d4d664c1365292;p=thirdparty%2Fglibc.git [BZ #457] Update. 2004-10-19 Wolfram Gloger * malloc/hooks.c (mem2chunk_check, top_check): Handle non-contiguous arena. Reported by Michael Dalton [BZ #457]. Add further checks for top chunk. --- diff --git a/ChangeLog b/ChangeLog index 12a7011b238..a33df5d4f79 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2004-10-19 Wolfram Gloger + + * malloc/hooks.c (mem2chunk_check, top_check): Handle + non-contiguous arena. Reported by Michael Dalton + [BZ #457]. Add further checks for top chunk. + 2004-12-14 Jakub Jelinek * sysdeps/posix/sysconf.c (__sysconf_check_spec): Remove leading diff --git a/malloc/hooks.c b/malloc/hooks.c index 8a94fd0be89..a5c97f3133f 100644 --- a/malloc/hooks.c +++ b/malloc/hooks.c @@ -157,15 +157,16 @@ mem2chunk_check(mem) Void_t* mem; if(!aligned_OK(mem)) return NULL; p = mem2chunk(mem); - if( (char*)p>=mp_.sbrk_base && - (char*)p<(mp_.sbrk_base+main_arena.system_mem) ) { + if (!chunk_is_mmapped(p)) { /* Must be a chunk in conventional heap memory. */ - if(chunk_is_mmapped(p) || - ( (sz = chunksize(p)), - ((char*)p + sz)>=(mp_.sbrk_base+main_arena.system_mem) ) || + int contig = contiguous(&main_arena); + sz = chunksize(p); + if((contig && + ((char*)p=(mp_.sbrk_base+main_arena.system_mem) )) || szprev_size&MALLOC_ALIGN_MASK || - (long)prev_chunk(p)<(long)mp_.sbrk_base || + (contig && (char*)prev_chunk(p)=MINSIZE && + prev_inuse(t) && + (!contiguous(&main_arena) || + (char*)t + chunksize(t) == mp_.sbrk_base + main_arena.system_mem))) + return 0; malloc_printerr (check_action, "malloc: top chunk is corrupt", t);