sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix an assertion-failure in memarea_alloc() on 64-bit platforms. 

The trick is that we should assert that our next_mem pointer has not
run off the end of the array _before_ we realign the pointer, since
doing that could take us over the end... but only if we're on a system
where malloc() gives us ram in increments smaller than sizeof(void*).
This commit is contained in:
Nick Mathewson 2009-05-16 23:57:30 -04:00
parent 29bf271ba2
commit 9f25a5529a
2 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -12,7 +12,12 @@ Changes in version 0.2.1.15??? - ????-??-??
directory authority. Fixes part of bug 932.
- When we change to or from being a bridge, reset our counts of
client usage by country. Fixes bug 932.
- Fix a bug that made stream bandwidth get misreported to the controller.
- Fix a bug that made stream bandwidth get misreported to the
controller.
- Fix an assertion failure on 64-bit platforms when we allocated
memory right up to the end of a memarea, then realigned the
memory one step beyond the end. Fixes a possible cause of bug
930.
Changes in version 0.2.1.14-rc - 2009-04-12

8
src/common/memarea.c
View File

@ -182,6 +182,8 @@ memarea_alloc(memarea_t *area, size_t sz)
memarea_chunk_t *chunk = area->first;
char *result;
tor_assert(chunk);
if (sz == 0)
sz = 1;
if (chunk->next_mem+sz > chunk->u.mem+chunk->mem_size) {
if (sz+CHUNK_HEADER_SIZE >= CHUNK_SIZE) {
/* This allocation is too big. Stick it in a special chunk, and put
@ -198,10 +200,11 @@ memarea_alloc(memarea_t *area, size_t sz)
tor_assert(chunk->mem_size >= sz);
}
result = chunk->next_mem;
chunk->next_mem = realign_pointer(chunk->next_mem + sz);
chunk->next_mem = chunk->next_mem + sz;
// XXXX021 remove these once bug 930 is solved.
tor_assert(chunk->next_mem >= chunk->u.mem);
tor_assert(chunk->next_mem <= chunk->u.mem+chunk->mem_size);
chunk->next_mem = realign_pointer(chunk->next_mem);
return result;
}
@ -272,7 +275,8 @@ memarea_assert_ok(memarea_t *area)
for (chunk = area->first; chunk; chunk = chunk->next_chunk) {
tor_assert(chunk->next_mem >= chunk->u.mem);
tor_assert(chunk->next_mem <= chunk->u.mem+chunk->mem_size+MEMAREA_ALIGN);
tor_assert(chunk->next_mem <=
(char*) realign_pointer(chunk->u.mem+chunk->mem_size));
}
}