commit 52ffbdf25a1100986f4ae27bb0febbe5a722ab25
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 10 20:29:15 2014 +0200
malloc: additional unlink hardening for non-small bins [BZ #17344]
Turn two asserts into a conditional call to malloc_printerr. The
memory locations are accessed later anyway, so the performance
impact is minor.
Index: b/malloc/malloc.c
===================================================================
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -1441,8 +1441,11 @@ typedef struct malloc_chunk* mbinptr;
BK->fd = FD; \
if (!in_smallbin_range (P->size) \
&& __builtin_expect (P->fd_nextsize != NULL, 0)) { \
- assert (P->fd_nextsize->bk_nextsize == P); \
- assert (P->bk_nextsize->fd_nextsize == P); \
+ if (__builtin_expect (P->fd_nextsize->bk_nextsize != P, 0) \
+ || __builtin_expect (P->bk_nextsize->fd_nextsize != P, 0)) \
+ malloc_printerr (check_action, \
+ "corrupted double-linked list (not small)", P,\
+ AV); \
if (FD->fd_nextsize == NULL) { \
if (P->fd_nextsize == P) \
FD->fd_nextsize = FD->bk_nextsize = FD; \