File glibc-2.10-mcheck-free-race.diff of Package glibc

2009-06-15  Petr Baudis  <pasky@suse.cz>

	* malloc/hooks.c (free_check): Do not invoke mem2chunk_check()
	without main_arena mutex held.

diff --git a/malloc/hooks.c b/malloc/hooks.c
index 622a815..47d3c85 100644
--- malloc/hooks.c
+++ malloc/hooks.c
@@ -276,25 +276,33 @@ free_check(mem, caller) Void_t* mem; const Void_t *caller;
   mchunkptr p;
 
   if(!mem) return;
+#ifndef ATOMIC_FASTBINS
+  (void)mutex_lock(&main_arena.mutex);
+#endif
   p = mem2chunk_check(mem, NULL);
   if(!p) {
+#ifndef ATOMIC_FASTBINS
+    (void)mutex_unlock(&main_arena.mutex);
+#endif
     malloc_printerr(check_action, "free(): invalid pointer", mem);
     return;
   }
 #if HAVE_MMAP
   if (chunk_is_mmapped(p)) {
     munmap_chunk(p);
-    return;
-  }
+  } else
 #endif
+  {
 #if 0 /* Erase freed memory. */
-  memset(mem, 0, chunksize(p) - (SIZE_SZ+1));
+    memset(mem, 0, chunksize(p) - (SIZE_SZ+1));
 #endif
 #ifdef ATOMIC_FASTBINS
-  _int_free(&main_arena, p, 0);
+    _int_free(&main_arena, p, 0);
 #else
-  (void)mutex_lock(&main_arena.mutex);
-  _int_free(&main_arena, p);
+    _int_free(&main_arena, p);
+#endif
+  }
+#ifndef ATOMIC_FASTBINS
   (void)mutex_unlock(&main_arena.mutex);
 #endif
 }
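Review bot: In builds that define ATOMIC_FASTBINS, `mem2chunk_check(mem, NULL)` still runs without `main_arena.mutex`, because every lock and unlock added here sits inside `#ifndef ATOMIC_FASTBINS`. The race named in the changelog entry therefore looks unfixed in that configuration, and a heap-consistency check that reads chunk headers while another thread changes them may reject a valid pointer or pass a corrupted one. Taking the lock unconditionally and telling `_int_free` that it is already held, `_int_free(&main_arena, p, 1);`, would cover both configurations; this assumes the third argument is the have-lock flag, which the hunk does not show. Separately, `munmap_chunk(p)` is now reached with the mutex held in the non-ATOMIC_FASTBINS build; if its error path reports through `malloc_printerr`, unlocking before the call, as the invalid-pointer branch already does, would be safer. The start of free_check lies outside the hunk.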