diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | malloc/malloc.c | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index 72aaf78cf2..fb280c1de5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2018-01-12 Istvan Kurucsai <pistukem@gmail.com> + + * malloc/malloc.c (malloc_consolidate): Add size check. + 2018-01-12 Florian Weimer <fweimer@redhat.com> * support/write_message.c (write_message): Preserve errno. diff --git a/malloc/malloc.c b/malloc/malloc.c index 48106f9bd4..f5aafd2c05 100644 --- a/malloc/malloc.c +++ b/malloc/malloc.c @@ -4431,6 +4431,12 @@ static void malloc_consolidate(mstate av) p = atomic_exchange_acq (fb, NULL); if (p != 0) { do { + { + unsigned int idx = fastbin_index (chunksize (p)); + if ((&fastbin (av, idx)) != fb) + malloc_printerr ("malloc_consolidate(): invalid chunk size"); + } + check_inuse_chunk(av, p); nextp = p->fd; |