You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
28 lines
1.2 KiB
28 lines
1.2 KiB
commit 52ffbdf25a1100986f4ae27bb0febbe5a722ab25 |
|
Author: Florian Weimer <fweimer@redhat.com> |
|
Date: Wed Sep 10 20:29:15 2014 +0200 |
|
|
|
malloc: additional unlink hardening for non-small bins [BZ #17344] |
|
|
|
Turn two asserts into a conditional call to malloc_printerr. The |
|
memory locations are accessed later anyway, so the performance |
|
impact is minor. |
|
|
|
Index: b/malloc/malloc.c |
|
=================================================================== |
|
--- a/malloc/malloc.c |
|
+++ b/malloc/malloc.c |
|
@@ -1441,8 +1441,11 @@ typedef struct malloc_chunk* mbinptr; |
|
BK->fd = FD; \ |
|
if (!in_smallbin_range (P->size) \ |
|
&& __builtin_expect (P->fd_nextsize != NULL, 0)) { \ |
|
- assert (P->fd_nextsize->bk_nextsize == P); \ |
|
- assert (P->bk_nextsize->fd_nextsize == P); \ |
|
+ if (__builtin_expect (P->fd_nextsize->bk_nextsize != P, 0) \ |
|
+ || __builtin_expect (P->bk_nextsize->fd_nextsize != P, 0)) \ |
|
+ malloc_printerr (check_action, \ |
|
+ "corrupted double-linked list (not small)", P,\ |
|
+ AV); \ |
|
if (FD->fd_nextsize == NULL) { \ |
|
if (P->fd_nextsize == P) \ |
|
FD->fd_nextsize = FD->bk_nextsize = FD; \
|
|
|