author: Florian Weimer <fweimer@redhat.com> 2016-10-27 19:45:19 +0200
committer: Florian Weimer <fweimer@redhat.com> 2016-10-28 16:49:04 +0200
commit: 681421f3cac665a82d000d854ae6df1fb3b561a5
tree: 64608085bde498765bed856e9e8466d8aa8d1af2
parent: e9c4fe93b3855239752819303ca377dff0ed0553
sysmalloc: Initialize previous size field of mmaped chunks
With different encodings of the header, the previous zero initialization
may be insufficient and produce an invalid encoding.
-rw-r--r--  ChangeLog        5
-rw-r--r--  malloc/malloc.c  1
2 files changed, 6 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index e071097f5d..997431eea9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2016-10-27  Florian Weimer  <fweimer@redhat.com>
+
+	* malloc/malloc.c (sysmalloc): Initialize previous size field of
+	mmaped chunks.
+
 2016-10-28  Florian Weimer  <fweimer@redhat.com>
 
 	* malloc/malloc.c (struct malloc_chunk): Rename prev_size, size
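Review bot: The new entry is dated 2016-10-27 but sits above the existing 2016-10-28 entry, which breaks the newest-first ordering at the top of the ChangeLog. Since the entry below has the same author, consider dating this one 2016-10-28 and folding it under that header, or moving it below the 2016-10-28 entry.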
diff --git a/malloc/malloc.c b/malloc/malloc.c
index f3378b90ed..a10477ed4c 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -2306,6 +2306,7 @@ sysmalloc (INTERNAL_SIZE_T nb, mstate av)
               else
                 {
                   p = (mchunkptr) mm;
+		  set_prev_size (p, 0);
                   set_head (p, size | IS_MMAPPED);
                 }
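Review bot: The added `set_prev_size (p, 0);` in the else branch carries no comment, so a later cleanup could drop it as a redundant zero store. Add a one-line comment saying the field is written through set_prev_size because, as the commit message puts it, zero initialization alone may produce an invalid header encoding. Also check that the branch above this else, which the hunk does not show, sets the field through the same accessor. As a style point, the new line is indented with tabs while its neighbours in the hunk use spaces.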