Mail Archives: djgpp-workers/1998/07/27/07:21:28
Hallo DJ and workers,
I think there is a bug in free() and realloc() in malloc.c and fmalloc.c.
In malloc.c there is (as far as I can tell) a bug: free() and realloc() compute
the BLOCK header pointer (ptr-4) before checking whether ptr is NULL. I have
changed them to compute it only after the NULL check.
In fmalloc.c there is no NULL check at all, so free(NULL) and realloc(NULL, size)
crash; I fixed that the same way as in malloc.c.
I have included a patch for both fmalloc.c and malloc.c.
hth,
Robert.
======= diffs =====
*** src\libc\ansi\stdlib\fmalloc.c.org Fri Jan 2 01:06:00 1998
--- src\libc\ansi\stdlib\fmalloc.c Sun Jul 26 10:59:18 1998
***************
*** 62,68 ****
void
free(void *ptr)
{
! int b = *(int *)((char *)ptr-4);
*(char **)ptr = buckets[b];
buckets[b] = ptr;
}
--- 62,71 ----
void
free(void *ptr)
{
! int b;
! if (ptr == 0)
! return;
! b = *(int *)((char *)ptr-4);
*(char **)ptr = buckets[b];
buckets[b] = ptr;
}
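Review bot: The bucket index `b` read back from the four bytes before `ptr` is used to index `buckets[]` and to overwrite the first word of the freed block without any validation, so a pointer that was not returned by this allocator, a double free, or a corrupted header writes a free-list link through an arbitrary index; the NULL guard added here only covers the one case the standard requires. If the bucket count is a named constant in this file, a check such as `if (b < 0 || b >= <bucket count>) return;` after the header read would make those cheap cases fail closed instead of corrupting the lists. The `-4` header offset is also repeated in realloc below; a comment `/* bucket index is stored in the 4 bytes immediately before the block */` on the read would document the layout the two functions share.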
***************
*** 71,82 ****
realloc(void *ptr, size_t size)
{
char *newptr;
! int oldsize = bucket2size[*(int *)((char *)ptr-4)];
if (size <= oldsize)
return ptr;
newptr = (char *)malloc(size);
memcpy(ptr, newptr, oldsize);
free(ptr);
return newptr;
-
}
--- 74,87 ----
realloc(void *ptr, size_t size)
{
char *newptr;
! int oldsize;
! if (ptr == 0)
! return malloc(size);
! oldsize = bucket2size[*(int *)((char *)ptr-4)];
if (size <= oldsize)
return ptr;
newptr = (char *)malloc(size);
memcpy(ptr, newptr, oldsize);
free(ptr);
return newptr;
}
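Review bot: The copy in the grow path has its operands reversed: `memcpy(ptr, newptr, oldsize);` copies the uninitialised new block over the old one and then frees the old one, so the caller receives `newptr` with none of its data; it should read `memcpy(newptr, ptr, oldsize);`. The new NULL-pointer path is fine, but the `malloc(size)` result on the line above is never checked, so on exhaustion the copy runs against a null pointer and the old block is freed anyway; add `if (newptr == 0) return 0;` before the copy so the original block stays valid on failure, as realloc requires. The `size <= oldsize` test also compares a `size_t` with an `int`, which is done unsigned and is only correct while bucket sizes are non-negative — worth a one-line comment.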
*** src\libc\ansi\stdlib\malloc.c.org Sun Jun 28 22:14:04 1998
--- src\libc\ansi\stdlib\malloc.c Sun Jul 26 11:04:22 1998
***************
*** 279,287 ****
free(void *ptr)
{
int b;
! BLOCK *block = (BLOCK *)((char *)ptr-4);
if (ptr == 0)
return;
#if NUMSMALL
if (block->size < SMALL)
--- 279,288 ----
free(void *ptr)
{
int b;
! BLOCK *block;
if (ptr == 0)
return;
+ block = (BLOCK *)((char *)ptr-4);
#if NUMSMALL
if (block->size < SMALL)
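Review bot: Moving the header computation below the NULL check is right, but the reason is subtler than the mail suggests: the removed line only formed `ptr-4` and did not dereference it before the `ptr == 0` return, so it would not crash by itself; it is pointer arithmetic on a null pointer, which is undefined behaviour in C and which a compiler may use to assume `ptr` is non-null and drop the check. A comment on the moved line, `/* ptr-4 on a null pointer is undefined; only form the header pointer for a real block */`, would keep the next maintainer from hoisting it back. The body of free continues past the end of this hunk, so the later uses of `block` were not reviewed.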
***************
*** 326,338 ****
void *
realloc(void *ptr, size_t size)
{
! BLOCK *b = (BLOCK *)((char *)ptr-4);
char *newptr;
int copysize;
if (ptr == 0)
return malloc(size);
copysize = b->size;
if (size <= b->size)
{
--- 327,340 ----
void *
realloc(void *ptr, size_t size)
{
! BLOCK *b;
char *newptr;
int copysize;
if (ptr == 0)
return malloc(size);
+ b = (BLOCK *)((char *)ptr-4);
copysize = b->size;
if (size <= b->size)
{
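Review bot: The header computation `(BLOCK *)((char *)ptr-4)` is now written out in both free and realloc (and the same `-4` appears in fmalloc.c), so the assumption that the size field sits exactly four bytes before the payload lives in several places; a single macro such as `#define PTR2BLOCK(p) ((BLOCK *)((char *)(p) - 4))` next to the `BLOCK` definition, used on this line and in free, would keep that layout assumption in one place. The comparison `size <= b->size` mixes a `size_t` with whatever type `b->size` has (not visible here); if it is a signed int it is converted to unsigned for the comparison, which is only safe while block sizes are never negative, and a short comment stating that would help. The rest of realloc, including the copy into the new block, lies outside this hunk.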