summary refs log tree commit diff
path: root/malloc/malloc.c
diff options
context:
space:
mode:
Diffstat (limited to 'malloc/malloc.c')
-rw-r--r--malloc/malloc.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/malloc/malloc.c b/malloc/malloc.c
index 5cc3473ae2..55e2cbc0cd 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -4131,6 +4131,13 @@ _int_free(mstate av, Void_t* mem)
     p = mem2chunk(mem);
     size = chunksize(p);
 
+    /* Little security check which won't hurt performance: the
+       allocator never wrapps around at the end of the address space.
+       Therefore we can exclude some size values which might appear
+       here by accident or by "design" from some intruder.  */
+    if ((uintptr_t) p > (uintptr_t) -size)
+      return;
+
     check_inuse_chunk(av, p);
 
     /*