[syslinux:elflink] realloc: Set the HEAP when splitting a block

syslinux-bot for Matt Fleming matt.fleming at intel.com
Wed Jan 23 07:09:09 PST 2013


Commit-ID:  8bd57b191035bf02b676e2fa760d3a981bd1df02
Gitweb:     http://www.syslinux.org/commit/8bd57b191035bf02b676e2fa760d3a981bd1df02
Author:     Matt Fleming <matt.fleming at intel.com>
AuthorDate: Wed, 23 Jan 2013 10:55:14 +0000
Committer:  Matt Fleming <matt.fleming at intel.com>
CommitDate: Wed, 23 Jan 2013 15:05:28 +0000

realloc: Set the HEAP when splitting a block

Failure to do so means we may put a free block in some random location
because ARENA_HEAP_GET() can return something invalid when used to
find the correct free list in __free_block().

This bug manifested as running out of available free memory.

Cc: H. Peter Anvin <hpa at zytor.com>
Signed-off-by: Matt Fleming <matt.fleming at intel.com>

---
 core/mem/malloc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/core/mem/malloc.c b/core/mem/malloc.c
index 02e6061..3825f2a 100644
--- a/core/mem/malloc.c
+++ b/core/mem/malloc.c
@@ -165,6 +165,8 @@ __export void *realloc(void *ptr, size_t size)
 		ARENA_TYPE_SET(nah->a.attrs, ARENA_TYPE_FREE);
 		ARENA_SIZE_SET(nah->a.attrs, xsize - newsize);
 		ARENA_SIZE_SET(ah->a.attrs, newsize);
+		ARENA_HEAP_SET(nah->a.attrs, ARENA_HEAP_GET(ah->a.attrs));
+
 		//nah->a.type = ARENA_TYPE_FREE;
 		//nah->a.size = xsize - newsize;
 		//ah->a.size = newsize;


More information about the Syslinux-commits mailing list