-rw-r--r--ChangeLog6
-rw-r--r--NEWS2
-rw-r--r--malloc/malloc.c6
3 files changed, 11 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 0377062999..71c9671895 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-09-11  Florian Weimer  <fweimer@redhat.com>
+
+	[BZ #17344]
+	* malloc/malloc.c (unlink): Turn asserts into a call to
+	malloc_printerr.
+
 2014-09-11  Tim Lammens  <tim.lammens@gmail.com>
 
 	[BZ #17370]
diff --git a/NEWS b/NEWS
index c607d12485..680c265c68 100644
--- a/NEWS
+++ b/NEWS
@@ -29,7 +29,7 @@ Version 2.20
   16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031,
   17042, 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079,
   17084, 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153,
-  17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17354.
+  17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17344, 17354.
 
 * Reverted change of ABI data structures for s390 and s390x:
   On s390 and s390x the size of struct ucontext and jmp_buf was increased in
diff --git a/malloc/malloc.c b/malloc/malloc.c
index 6ee38401dd..6cbe9f32f8 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -1418,8 +1418,10 @@ typedef struct malloc_chunk *mbinptr;
         BK->fd = FD;							      \
         if (!in_smallbin_range (P->size)				      \
             && __builtin_expect (P->fd_nextsize != NULL, 0)) {		      \
-            assert (P->fd_nextsize->bk_nextsize == P);			      \
-            assert (P->bk_nextsize->fd_nextsize == P);			      \
+	    if (__builtin_expect (P->fd_nextsize->bk_nextsize != P, 0)	      \
+		|| __builtin_expect (P->bk_nextsize->fd_nextsize != P, 0))    \
+	      malloc_printerr (check_action,				      \
+			       "corrupted double-linked list (not small)", P);\
             if (FD->fd_nextsize == NULL) {				      \
                 if (P->fd_nextsize == P)				      \
                   FD->fd_nextsize = FD->bk_nextsize = FD;		      \
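Review bot: The new nextsize check reports corruption but does not stop the unlink. There is no `else` after the `malloc_printerr (check_action, ...)` call, so if that call returns (presumably this depends on `check_action`; its definition is not in this hunk), execution falls through to `if (FD->fd_nextsize == NULL) {` and the nextsize relinking proceeds on a list that was just found inconsistent. The check also sits after `BK->fd = FD;`, so the fd/bk links have already been rewritten by the time the error is raised. I would put the relinking under an `else {` ... `}` following the `malloc_printerr` call, or test `P->fd_nextsize->bk_nextsize` and `P->bk_nextsize->fd_nextsize` before any list store. The macro body starts and ends outside the hunk, so the brace and backslash structure has to be checked against the full definition.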