DragonFly BSD
DragonFly bugs List (threaded) for 2011-09
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

[issue2130] malloc(SIZE_MAX) returns a buffer sized for 0.


From: "Venkatesh Srinivas \(via DragonFly issue tracker\)" <sinknull@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 12 Sep 2011 03:27:30 +0000

New submission from Venkatesh Srinivas <vsrinivas@dragonflybsd.org>:

malloc(SIZE_MAX) returns a buffer sized for 0 bytes on i386; this is because the
addition and mask on nmalloc.c line 824 can overflow.

----------
messages: 10107
nosy: vsrinivas
status: unread
title: malloc(SIZE_MAX) returns a buffer sized for 0.

_____________________________________________________
DragonFly issue tracker <bugs@lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue2130>
_____________________________________________________




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]