This is an automated email from the git hooks/post-receive script.
aurel32 pushed a commit to branch sid
in repository glibc.
commit ee84a946d539b6e12d5a5eae9c645fb917dc00e2
Author: Aurelien Jarno <aurel...@aurel32.net>
Date: Sun May 28 18:24:27 2017 +0200
debian/patches/any/cvs-malloc-hardening.diff: backport one more commit
---
debian/patches/any/cvs-malloc-hardening.diff | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/debian/patches/any/cvs-malloc-hardening.diff
b/debian/patches/any/cvs-malloc-hardening.diff
index b233551..7c84545 100644
--- a/debian/patches/any/cvs-malloc-hardening.diff
+++ b/debian/patches/any/cvs-malloc-hardening.diff
@@ -3,6 +3,11 @@
* malloc/malloc.c (unlink): Add consistency check between size and
next->prev->size, to further harden against 1-byte overflows.
+2016-10-27 Florian Weimer <fwei...@redhat.com>
+
+ * malloc/malloc.c (sysmalloc): Initialize previous size field of
+ mmaped chunks.
+
diff --git a/malloc/malloc.c b/malloc/malloc.c
index e29105c372..994a23248e 100644
--- a/malloc/malloc.c
@@ -11,8 +16,16 @@ index e29105c372..994a23248e 100644
/* Take a chunk off a bin list */
#define unlink(AV, P, BK, FD) { \
-+ if (__builtin_expect (chunksize(P) != prev_size (next_chunk(P)), 0))
\
++ if (__builtin_expect (chunksize(P) != next_chunk(P)->prev_size, 0)) \
+ malloc_printerr (check_action, "corrupted size vs. prev_size", P, AV);
\
FD = P->fd;
\
BK = P->bk;
\
if (__builtin_expect (FD->bk != P || BK->fd != P, 0)) \
+@@ -2306,6 +2306,7 @@ sysmalloc (INTERNAL_SIZE_T nb, mstate av)
+ else
+ {
+ p = (mchunkptr) mm;
++ p->prev_size = 0;
+ set_head (p, size | IS_MMAPPED);
+ }
+
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-glibc/glibc.git
