glibc/malloc
Arjun Shankar 34697694e8 Fix integer overflow in malloc when tcache is enabled [BZ #22375]
When the per-thread cache is enabled, __libc_malloc uses request2size (which
does not perform an overflow check) to calculate the chunk size from the
requested allocation size. This leads to an integer overflow causing malloc
to incorrectly return the last successfully allocated block when called with
a very large size argument (close to SIZE_MAX).

This commit uses checked_request2size instead, removing the overflow.
2017-11-30 13:42:53 +01:00
..
alloc_buffer_alloc_array.c Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00
alloc_buffer_allocate.c Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00
alloc_buffer_copy_bytes.c Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00
alloc_buffer_copy_string.c Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00
alloc_buffer_create_failure.c Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00
arena.c malloc: Call tcache destructor in arena_thread_freeres 2017-11-23 14:47:31 +01:00
Depend
dynarray_at_failure.c Add internal facility for dynamic array handling 2017-06-02 11:59:28 +02:00
dynarray_emplace_enlarge.c __libc_dynarray_emplace_enlarge: Add missing else 2017-09-06 16:03:28 +02:00
dynarray_finalize.c Add internal facility for dynamic array handling 2017-06-02 11:59:28 +02:00
dynarray_resize_clear.c Add internal facility for dynamic array handling 2017-06-02 11:59:28 +02:00
dynarray_resize.c dynarray: Set errno on overflow-induced allocation failure 2017-08-30 20:10:56 +02:00
dynarray-skeleton.c dynarray: Implement begin/end functions in the spirit of C++ 2017-06-13 21:55:10 +02:00
dynarray.h dynarray: Use libc_hidden_proto only for !_ISOMAC 2017-06-19 12:58:08 +02:00
hooks.c Silence -O3 -Wall warning in malloc/hooks.c with GCC 7 [BZ #22052] 2017-10-15 08:16:37 -07:00
Makefile malloc: Add missing arena lock in malloc_info [BZ #22408] 2017-11-15 11:39:01 +01:00
malloc-hooks.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
malloc-internal.h malloc: Remove the internal_function attribute 2017-08-31 15:59:06 +02:00
malloc.c Fix integer overflow in malloc when tcache is enabled [BZ #22375] 2017-11-30 13:42:53 +01:00
malloc.h Add reallocarray function 2017-05-30 18:27:57 -03:00
mallocbug.c Reformat malloc to gnu style. 2014-01-02 09:40:10 +01:00
mcheck-init.c malloc: Use compat_symbol_reference in libmcheck [BZ #22050] 2017-10-16 20:52:34 +02:00
mcheck.c Do not use __ptr_t. 2017-08-08 17:14:49 +00:00
mcheck.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
memusage.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
memusage.sh Update copyright dates not handled by scripts/update-copyrights. 2017-01-01 00:26:24 +00:00
memusagestat.c Update copyright dates not handled by scripts/update-copyrights. 2017-01-01 00:26:24 +00:00
morecore.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mtrace.c Mark __dso_handle as hidden [BZ #18822] 2017-09-26 16:53:44 -07:00
mtrace.pl Update copyright dates not handled by scripts/update-copyrights. 2017-01-01 00:26:24 +00:00
obstack.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
obstack.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
reallocarray.c Add reallocarray function 2017-05-30 18:27:57 -03:00
scratch_buffer_grow_preserve.c scratch_buffer: use union for internal buffer 2017-09-25 18:04:22 -07:00
scratch_buffer_grow.c Sync scratch_buffer with gnulib 2017-09-08 15:51:34 +02:00
scratch_buffer_set_array_size.c Sync scratch_buffer with gnulib 2017-09-08 15:51:34 +02:00
set-freeres.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
thread-freeres.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-alloc_buffer.c Prevent an implicit int promotion in malloc/tst-alloc_buffer.c 2017-06-26 09:56:26 -03:00
tst-calloc.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-dynarray-at-fail.c Add internal facility for dynamic array handling 2017-06-02 11:59:28 +02:00
tst-dynarray-fail.c Add internal facility for dynamic array handling 2017-06-02 11:59:28 +02:00
tst-dynarray-shared.h dynarray: Implement begin/end functions in the spirit of C++ 2017-06-13 21:55:10 +02:00
tst-dynarray.c dynarray: Set errno on overflow-induced allocation failure 2017-08-30 20:10:56 +02:00
tst-interpose-aux-nothread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-aux-thread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-aux.c Fix failing test malloc/tst-interpose-nothread with GCC 7. 2017-03-21 16:41:56 +01:00
tst-interpose-aux.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-nothread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-skeleton.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-static-nothread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-static-thread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-interpose-thread.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-malloc_info.c malloc: Add missing arena lock in malloc_info [BZ #22408] 2017-11-15 11:39:01 +01:00
tst-malloc-backtrace.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-malloc-fork-deadlock.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-malloc-tcache-leak.c malloc: Fix tcache leak after thread destruction [BZ #22111] 2017-10-06 09:31:52 -07:00
tst-malloc-thread-exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-malloc-thread-fail.c Increase some test timeouts. 2017-01-05 17:39:38 +00:00
tst-malloc-usable-static-tunables.c Initialize tunable list with the GLIBC_TUNABLES environment variable 2016-12-31 23:49:24 +05:30
tst-malloc-usable-static.c Add framework for tunables 2016-12-31 23:49:24 +05:30
tst-malloc-usable-tunables.c Initialize tunable list with the GLIBC_TUNABLES environment variable 2016-12-31 23:49:24 +05:30
tst-malloc-usable.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-malloc.c Split DIAG_* macros to new header libc-diag.h. 2017-02-25 09:59:46 -05:00
tst-mallocfork2.c Increase some test timeouts. 2017-01-05 17:39:38 +00:00
tst-mallocfork.c Prefer https for Sourceware links 2017-11-16 11:49:26 +05:30
tst-mallocstate.c Fix tests that are testing obsoleted functionality 2017-09-05 12:24:00 -07:00
tst-mallopt.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-mcheck.c Split DIAG_* macros to new header libc-diag.h. 2017-02-25 09:59:46 -05:00
tst-memalign.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-mtrace.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-mtrace.sh Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-obstack.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-posix_memalign.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-pvalloc.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-realloc.c Split DIAG_* macros to new header libc-diag.h. 2017-02-25 09:59:46 -05:00
tst-reallocarray.c Add reallocarray function 2017-05-30 18:27:57 -03:00
tst-scratch_buffer.c scratch_buffer: use union for internal buffer 2017-09-25 18:04:22 -07:00
tst-trim1.c
tst-valloc.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Versions Implement allocation buffers for internal use 2017-06-21 22:43:57 +02:00