From d9204e9eedc8a671e6f035318d28cb55440c3a8b Mon Sep 17 00:00:00 2001
From: Philippe Waroquiers
Date: Sun, 15 Apr 2018 08:06:43 +0200
Subject: [PATCH] Fix 393099 - posix_memalign() invalid write if alignment == 0

Bug and analysis by Gabriel Ganne
---
 coregrind/m_replacemalloc/vg_replace_malloc.c | 3 ++-
 memcheck/tests/memalign2.c | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/coregrind/m_replacemalloc/vg_replace_malloc.c b/coregrind/m_replacemalloc/vg_replace_malloc.c
index 9fb0069b17..11f6a90ba0 100644
--- a/coregrind/m_replacemalloc/vg_replace_malloc.c
+++ b/coregrind/m_replacemalloc/vg_replace_malloc.c
@@ -1001,7 +1001,8 @@ static void init(void);
 \
 /* Test whether the alignment argument is valid. It must be \
 a power of two multiple of sizeof (void *). */ \
- if (alignment % sizeof (void *) != 0 \
+ if (alignment == 0 \
+ || alignment % sizeof (void *) != 0 \
 || (alignment & (alignment - 1)) != 0) \
 return VKI_EINVAL; \
 \
diff --git a/memcheck/tests/memalign2.c b/memcheck/tests/memalign2.c
index 39069a6fb8..95d13354e7 100644
--- a/memcheck/tests/memalign2.c
+++ b/memcheck/tests/memalign2.c
@@ -82,7 +82,7 @@ int main ( void )
 # define PM(a,b,c) posix_memalign((void**)a, b, c)
 res = PM(&p, -1,100); assert(EINVAL == res);
- res = PM(&p, 0, 100); assert(0 == res && 0 == (long)p % 8);
+ res = PM(&p, 0, 100); assert(EINVAL == res);
 res = PM(&p, 1, 100); assert(EINVAL == res);
 res = PM(&p, 2, 100); assert(EINVAL == res);
 res = PM(&p, 3, 100); assert(EINVAL == res);
--
2.47.2
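Review bot: The comment above the alignment check in coregrind/m_replacemalloc/vg_replace_malloc.c still states only the power-of-two-multiple rule, so it does not explain why `alignment == 0` needs its own test. Zero satisfies both arithmetic conditions (`0 % sizeof (void *)` is 0 and `0 & (0 - 1)` is 0), so without the explicit test it would be accepted as a valid alignment. I would add one comment line such as `Zero passes both arithmetic tests, so it is rejected explicitly.`, keeping the trailing backslash because these lines sit inside a macro body. The macro definition starts and ends outside the hunk.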
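Review bot: The updated alignment-0 line in memcheck/tests/memalign2.c checks only the return code, so it would not notice a failing call that still stored through its first argument. Since the commit title describes an invalid write, it may be worth giving `p` a known value before `PM(&p, 0, 100)` and asserting it is unchanged afterwards, for example `assert(EINVAL == res && saved == p);` with `saved` holding the value assigned beforehand. Whether the replacement is meant to leave `*memptr` untouched on EINVAL is not visible in this hunk, so that contract should be confirmed first. `main` begins and ends outside the hunk.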