DragonFly bugs List (threaded) for 2011-09
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

[issue2130] malloc(SIZE_MAX) returns a buffer sized for 0.

From:	"Venkatesh Srinivas \(via DragonFly issue tracker\)" <sinknull@xxxxxxxxxxxxxxxxxxxxx>
Date:	Mon, 12 Sep 2011 03:27:30 +0000

New submission from Venkatesh Srinivas <vsrinivas@dragonflybsd.org>:

malloc(SIZE_MAX) returns a buffer sized for 0 bytes on i386; this is because the
addition and mask on nmalloc.c line 824 can overflow.

----------
messages: 10107
nosy: vsrinivas
status: unread
title: malloc(SIZE_MAX) returns a buffer sized for 0.

_____________________________________________________
DragonFly issue tracker <bugs@lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue2130>
_____________________________________________________

Follow-Ups:
- [issue2130] malloc(SIZE_MAX) returns a buffer sized for 0.
  - From: "Venkatesh Srinivas \(via DragonFly issue tracker\)" <sinknull@leaf.dragonflybsd.org>

References:
- [issue2130] malloc(SIZE_MAX) returns a buffer sized for 0.
  - From: "Venkatesh Srinivas \(via DragonFly issue tracker\)" <sinknull@leaf.dragonflybsd.org>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]