aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog4
-rw-r--r--malloc/malloc.c3
2 files changed, 7 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index cd60ef8399..dc72e54f00 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2018-08-16 Pochang Chen <johnchen902@gmail.com>
+
+ * malloc/malloc.c (_int_malloc.c): Verify size of top chunk.
+
2018-08-16 Siddhesh Poyarekar <siddhesh@sourceware.org>
* benchtests/bench-strlen.c (do_test): Allocate buffers before
diff --git a/malloc/malloc.c b/malloc/malloc.c
index e247c77b7d..9431108626 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -4076,6 +4076,9 @@ _int_malloc (mstate av, size_t bytes)
victim = av->top;
size = chunksize (victim);
+ if (__glibc_unlikely (size > av->system_mem))
+ malloc_printerr ("malloc(): corrupted top size");
+
if ((unsigned long) (size) >= (unsigned long) (nb + MINSIZE))
{
remainder_size = size - nb;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-20 11:42:15 +0000