RCHECK bug in malloc

steve at miduet.UUCP steve at miduet.UUCP
Tue Jul 15 04:17:32 AEST 1986


[Probably old hat, this, but anyway....]

A colleague of mine unearthed this bug in 4.2 malloc.c when it was
compiled with range checking (RCHECK) included. This manifested itself
by returning errors whenever 'realloc' was used. A diff follows.

-----------------------------------------------------------------
|Steve Lademann         |Phone: 44 727 59292 x326               |
|Marconi Instruments Ltd|UUCP : ...mcvax!ukc!hrc63!miduet!steve |
|St. Albans    AL4 0JN  |NRS  : steve at uk.co.gec-mi-at           |
|Herts.   UK            |                                       |
-----------------------------------------------------------------
|"The views expressed herein do not necessarily reflect"| _____ |
|"those of my employer, and may not even reflect my own"| (   ) |
-----------------------------------------------------------------

16a17,20
> /*
>  * Modified By Tim Yates <yates at miduet.UUCP> to fix bug when using RCHECK
>  */
> 
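Review bot: the header comment added at lines 17-20 names the author but not the defect: "to fix bug when using RCHECK" does not say which routine was wrong or what was corrected. One more line stating that the fix corrects the position of the magic number and the recorded block size, as the comment in the second hunk does, would let a later reader match this credit to the code it refers to.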
263a268,278
> 		/* modified by Tim Yates <yates at miduet.UUCP> */
> 		/* correct the position of the magic number and the
> 		 * real size of the block */
> #ifdef RCHECK
> 		{
> 		nbytes += sizeof(union overhead) + RSLOP;
> 		nbytes = (nbytes + 3) &~ 3;
> 		op->ov_size = nbytes - 1;
>   		*((u_int *)((caddr_t)op + nbytes - RSLOP)) = RMAGIC;
> 		}
> #endif RCHECK
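Review bot: the block overwrites `nbytes` in place (`nbytes += sizeof(union overhead) + RSLOP;` followed by the round-up), so any code after line 278 that still treats `nbytes` as the caller's requested size will see the padded value, and only in RCHECK builds. Computing the padded size into a local would avoid that, and the declaration would give the bare `{ }` a purpose. Nothing visible in the hunk bounds `(caddr_t)op + nbytes - RSLOP` against the size of the block `op` already occupies, so it is worth confirming that this point is reached only when the new request fits the existing block, and saying so in the comment. Minor: `#endif RCHECK` leaves a bare token after the directive, where `#endif /* RCHECK */` is the portable form, and the RMAGIC line is indented with spaces before the tabs, unlike its neighbours.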



More information about the Comp.bugs.4bsd.ucb-fixes mailing list