summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorAchim Kriso <achim.kriso@student.kit.edu>2020-03-13 14:02:30 +0100
committerAndreas Fried <andreas.fried@kit.edu>2020-03-26 14:08:14 +0100
commit152f511ebdcdf49f5a5480b0f951ed71aeec7ab0 (patch)
tree5a38fd33a90b6c51847a308b22c88daee40fcbc5
parentdc231d8f915c446ea543cdd4f728e30dcdb0c5b3 (diff)
increase allocation size by one to avoid out of bounds pointer on the edge
-rw-r--r--runtime/lfmalloc/src/lfinternal.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/runtime/lfmalloc/src/lfinternal.c b/runtime/lfmalloc/src/lfinternal.c
index 9e8fbcb..6626c5c 100644
--- a/runtime/lfmalloc/src/lfinternal.c
+++ b/runtime/lfmalloc/src/lfinternal.c
@@ -43,7 +43,7 @@ typedef struct region {
pthread_mutex_t mutex;
} region;
-region region_freelists[REGION_COUNT] = { NULL };
+region region_freelists[REGION_COUNT] = {{ NULL }};
//If malloc is called with size zero, the address of this global is returned.
//Some functions (regcomp) expect malloc to return a unique address if size == 0,
@@ -225,6 +225,8 @@ void *__lf_malloc(size_t size) {
//Allow stdlib to use stdlib malloc
__init();
+ size++;
+
// refer to libc_malloc if size is too large
if (size > MAX_SIZE) {
PRINTF_DBG("size (0x%lx) too large, deferring to __libc_malloc.\n", size);
@@ -303,6 +305,8 @@ void *__lf_memalign(size_t alignment, size_t size) {
return NULL;
}
+ size++;
+
size_t region_idx = __lf_search_region_index(size);
__lock_region(region_idx);
region* r = &region_freelists[region_idx];