one more instance of the previous commit; also initialize ->offset to a

author otto <otto@openbsd.org>

Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)

committer otto <otto@openbsd.org>

Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)
author otto <otto@openbsd.org>
Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)
committer otto <otto@openbsd.org>
Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)
diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c

index dc2c7b1..22f83f3 100644 (file)
--- a/lib/libc/stdlib/malloc.c
+++ b/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: malloc.c,v 1.227 2017/07/07 19:14:46 otto Exp $       */
+/*     $OpenBSD: malloc.c,v 1.228 2017/07/10 09:44:16 otto Exp $       */
  /*
   * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net>
   * Copyright (c) 2012 Matthew Dempsky <matthew@openbsd.org>
@@ -886,6 +886,7 @@ omalloc_make_chunks(struct dir_info *d, int bits, int listnum)
                 while (i >>= 1)
                         bp->shift++;
                 bp->total = bp->free = MALLOC_PAGESIZE >> bp->shift;
+               bp->offset = 0xdead;
                 bp->page = pp;
  
                 k = mprotect(pp, MALLOC_PAGESIZE, PROT_NONE);
@@ -1793,7 +1794,7 @@ orecallocarray(struct dir_info *argpool, void *p, size_t oldsize,
  
         REALSIZE(sz, r);
         if (sz <= MALLOC_MAXCHUNK) {
-               if (mopts.chunk_canaries) {
+               if (mopts.chunk_canaries && sz > 0) {
                         struct chunk_info *info = (struct chunk_info *)r->size;
                         uint32_t chunknum = find_chunknum(pool, r, p, 0);
author	otto <otto@openbsd.org>
	Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)
committer	otto <otto@openbsd.org>
	Mon, 10 Jul 2017 09:44:16 +0000 (09:44 +0000)