]> git.dujemihanovic.xyz Git - u-boot.git/commit
projects / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8642b21) | patch
dlmalloc: Fix integer overflow in sbrk()
authorRichard Weinberger <richard@nod.at>
Fri, 2 Aug 2024 10:08:45 +0000 (12:08 +0200)
committerTom Rini <trini@konsulko.com>
Thu, 15 Aug 2024 22:14:36 +0000 (16:14 -0600)
commit0a10b49206a29b4aa2f80233a3e53ca0466bb0b3
tree6ea44a94335c94ccf6a0cebd2eea06680b165e6etree | snapshot
parent8642b2178d2c4002c99a0b69a845a48f2ae2706fcommit | diff
dlmalloc: Fix integer overflow in sbrk()

Make sure that the new break is within mem_malloc_start
and mem_malloc_end before making progress.
ulong new = old + increment; can overflow for extremely large
increment values and memset() can get wrongly called.

Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Simon Glass <sjg@chromium.org>
common/dlmalloc.c diff | blob | history
My U-Boot fork