From c3b9ef8dfc83e9d17da5adc73709d2f7dfbbaf13 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Mon, 24 Aug 2015 14:33:07 +0530
Subject: Don't use the main arena in retry path if it is corrupt

If allocation on a non-main arena fails, the main arena is used
without checking to see if it is corrupt.  Add a check that avoids the
main arena if it is corrupt.

	* malloc/arena.c (arena_get_retry): Don't use main_arena if it is
	corrupt.
---
 malloc/arena.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'malloc')

diff --git a/malloc/arena.c b/malloc/arena.c
index cfec94d182..b44e307ade 100644
--- a/malloc/arena.c
+++ b/malloc/arena.c
@@ -909,6 +909,10 @@ arena_get_retry (mstate ar_ptr, size_t bytes)
   if (ar_ptr != &main_arena)
     {
       (void) mutex_unlock (&ar_ptr->mutex);
+      /* Don't touch the main arena if it is corrupt.  */
+      if (arena_is_corrupt (&main_arena))
+	return NULL;
+
       ar_ptr = &main_arena;
       (void) mutex_lock (&ar_ptr->mutex);
     }
-- 
cgit v1.2.3