From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/11616 Path: news.gmane.org!.POSTED!not-for-mail From: Alexander Monakov Newsgroups: gmane.linux.lib.musl.general Subject: [PATCH] fix undefined behavior in free Date: Tue, 27 Jun 2017 20:58:47 +0300 Message-ID: <20170627175847.13827-1-amonakov@ispras.ru> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: blaine.gmane.org X-Trace: blaine.gmane.org 1498586344 25408 195.159.176.226 (27 Jun 2017 17:59:04 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Tue, 27 Jun 2017 17:59:04 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-11629-gllmg-musl=m.gmane.org@lists.openwall.com Tue Jun 27 19:59:01 2017 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by blaine.gmane.org with smtp (Exim 4.84_2) (envelope-from ) id 1dPulO-0006M1-DH for gllmg-musl@m.gmane.org; Tue, 27 Jun 2017 19:58:58 +0200 Original-Received: (qmail 9577 invoked by uid 550); 27 Jun 2017 17:59:00 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Original-Received: (qmail 9534 invoked from network); 27 Jun 2017 17:58:59 -0000 X-Mailer: git-send-email 2.11.0 Xref: news.gmane.org gmane.linux.lib.musl.general:11616 Archived-At: --- src/malloc/malloc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c index 720fa696..ef4c7368 100644 --- a/src/malloc/malloc.c +++ b/src/malloc/malloc.c @@ -463,14 +463,15 @@ copy_realloc: void free(void *p) { - struct chunk *self = MEM_TO_CHUNK(p); - struct chunk *next; + struct chunk *self, *next; size_t final_size, new_size, size; int reclaim=0; int i; if (!p) return; + self = MEM_TO_CHUNK(p); + if (IS_MMAPPED(self)) { size_t extra = self->psize; char *base = (char *)self - extra; -- 2.11.0