From 774d43f27dbc730ee4b8b37bce4d5b3d5c0b74b6 Mon Sep 17 00:00:00 2001
From: Qingqing Li <liqingqing3@huawei.com>
Date: Thu, 22 Sep 2022 15:32:56 -0400
Subject: malloc: Print error when oldsize is not equal to the current size.

This is used to detect errors early.  The read of the oldsize is
not protected by any lock, so check this value to avoid causing
bigger mistakes.

Reviewed-by: DJ Delorie <dj@redhat.com>
---
 malloc/malloc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'malloc')

diff --git a/malloc/malloc.c b/malloc/malloc.c
index bfe1955737..67ac661256 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -4803,7 +4803,8 @@ _int_realloc (mstate av, mchunkptr oldp, INTERNAL_SIZE_T oldsize,
 
   /* oldmem size */
   if (__builtin_expect (chunksize_nomask (oldp) <= CHUNK_HDR_SZ, 0)
-      || __builtin_expect (oldsize >= av->system_mem, 0))
+      || __builtin_expect (oldsize >= av->system_mem, 0)
+      || __builtin_expect (oldsize != chunksize (oldp), 0))
     malloc_printerr ("realloc(): invalid old size");
 
   check_inuse_chunk (av, oldp);
-- 
cgit 1.4.1