This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] fix to malloc checking


James Lemke <jwlemke@codesourcery.com> writes:

> On 11/11/2014 03:19 PM, Andreas Schwab wrote:
>>> -      if (c <= 0 || size < (c + 2 * SIZE_SZ))
>>> >-        {
>>> >-          malloc_printerr (check_action, "malloc_check_get_size: memory corruption",
>>> >-                           chunk2mem (p));
>>> >-          return 0;
>>> >-        }
>>> >+      if (size - c <= 2 * SIZE_SZ)
>>> >+	     break;
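Review bot: The added test `size - c <= 2 * SIZE_SZ` subtracts before it compares, so when c is larger than size the difference wraps to a large value and the break is not taken, as the reply below points out. The removed condition also rejected c <= 0 and reported the corruption through malloc_printerr before returning 0; the replacement does neither. Suggest keeping a compare-before-subtract form such as `c <= 0 || size < c + 2 * SIZE_SZ`, and keeping the malloc_printerr call on that path so corruption is still reported rather than silently ending the loop.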
>>
>> If c > size then the difference wraps around.
>
> That would indicate memory corruption and the loop would terminate,
> which it should.

This condition will not terminate it, and the next iteration will cause
size to wrap around.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."
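
The wraparound discussed in this message, as an added example that is not part of the original mail and is not glibc code: a simplified model of a backward walk in which each byte read is the step subtracted from size. The loop shape, HDR (standing in for 2 * SIZE_SZ), MAGIC and the 64-byte buffer are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HDR   ((size_t) 16)  /* assumption: stands in for 2 * SIZE_SZ */
#define MAGIC 0xA5           /* constructed end-of-chain marker */

enum walk_result { WALK_FOUND, WALK_STOPPED, WALK_CORRUPT, WALK_WRAPPED, WALK_STUCK };

/* Walk back from offset `start`; each byte read is the step to subtract.
   patched != 0 uses the check from the quoted patch, 0 the removed one. */
static enum walk_result walk(const unsigned char *buf, size_t len,
                             size_t start, int patched)
{
    size_t size = start;
    for (size_t steps = 0; steps < len; steps++) {
        if (size >= len)
            return WALK_WRAPPED;      /* model guard: index is now out of bounds */
        unsigned char c = buf[size];
        if (c == MAGIC)
            return WALK_FOUND;
        if (patched) {
            if (size - c <= HDR)      /* unsigned: huge value when c > size */
                return WALK_STOPPED;
        } else if (c == 0 || size < c + HDR) {
            return WALK_CORRUPT;      /* compares before subtracting */
        }
        size -= c;                    /* wraps here if the check let c > size through */
    }
    return WALK_STUCK;                /* c == 0 never advances */
}

/* Constructed 64-byte buffer: MAGIC everywhere except one step byte at 40. */
static enum walk_result demo(unsigned char step, int patched)
{
    unsigned char buf[64];
    memset(buf, MAGIC, sizeof buf);
    buf[40] = step;
    return walk(buf, sizeof buf, 40, patched);
}

int main(void)
{
    static const unsigned char steps[] = { 8, 30, 200, 0 };
    for (size_t i = 0; i < sizeof steps; i++)
        printf("step %3u: removed check -> %d, patched check -> %d\n",
               (unsigned) steps[i], demo(steps[i], 0), demo(steps[i], 1));
    return 0;
}
```

In this model a step byte of 200 at offset 40 is caught by the compare-first check but passes the subtract-first check, after which size wraps past the end of the buffer.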

