From patchwork Tue Sep 24 11:38:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kjetil Oftedal X-Patchwork-Id: 1166536 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=uclibc.org (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=uclibc-bounces@uclibc.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com X-Greylist: delayed 449 seconds by postgrey-1.36 at bilbo; Tue, 24 Sep 2019 21:58:51 AEST Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46d08W3f00z9sPJ for ; Tue, 24 Sep 2019 21:58:51 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 850352156C; Tue, 24 Sep 2019 11:51:17 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Quydnr5X1vqi; Tue, 24 Sep 2019 11:51:16 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id 2B9E820402; Tue, 24 Sep 2019 11:51:16 +0000 (UTC) X-Original-To: uclibc@lists.busybox.net Delivered-To: uclibc@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 6E06F1BF31B for ; Tue, 24 Sep 2019 11:51:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 693832041F for ; Tue, 24 Sep 2019 11:51:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3i42mRSPH65g for ; Tue, 24 Sep 2019 11:51:13 +0000 (UTC) X-Greylist: delayed 00:12:04 by SQLgrey-1.7.6 Received: from rel03.intility.com (rel03.intility.com [137.221.30.10]) by silver.osuosl.org (Postfix) with ESMTPS id 51831203A9 for ; Tue, 24 Sep 2019 11:51:13 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A2H3AAApAIpd/2QKAQpkHQEBBQEMBQGBVgUBCwGEOZ82hWWLQAkBAQEOBSoBAYgGNwYOAgwBAQUBAQEBAQUEAQEChiKCOiKEJkNcAk2DIoFqAQOvFgUBF4VMgX4KGScNZoFFCQGBKgGHL4RxgX+DAXRsghqCd4UWBKxLQUaBZoIujluEAQIZmSQBLZgIjyKBaIF7MxoIGxVsgjtQEBSBWhcVjg9xjTMBAQ X-IronPort-AV: E=Sophos;i="5.64,543,1559512800"; d="scan'208";a="12962789" Received: from i2-relay-002.i04.local ([10.1.10.100]) by rel03.intility.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 24 Sep 2019 13:38:51 +0200 Received: from buildhostv2.i04.local ([10.70.47.153]) by I2-RELAY-002.i04.local with Microsoft SMTPSVC(10.0.14393.2608); Tue, 24 Sep 2019 13:38:51 +0200 From: Kjetil Oftedal To: uclibc@uclibc.org Subject: [PATCH] malloc: Add missing locks for some paths (valloc/memalign/posix_memalign) Date: Tue, 24 Sep 2019 13:38:51 +0200 Message-Id: <1569325132-22320-1-git-send-email-oftedal@gmail.com> X-Mailer: git-send-email 1.7.9.5 X-OriginalArrivalTime: 24 Sep 2019 11:38:51.0200 (UTC) FILETIME=[A3111C00:01D572CC] X-BeenThere: uclibc@uclibc.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion and development of uClibc \(the embedded C library\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: uclibc-bounces@uclibc.org Sender: "uClibc" The internal heap structures were not protected properly in memalign(). If multiple threads were concurrently allocating memory and one of them were requesting aligned memory via valloc,memalign or posix_memalign the internal heap data structures could be corrupted. Signed-off-by: Kjetil Oftedal --- libc/stdlib/malloc/memalign.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libc/stdlib/malloc/memalign.c b/libc/stdlib/malloc/memalign.c index 74d5dbd..0d3de67 100644 --- a/libc/stdlib/malloc/memalign.c +++ b/libc/stdlib/malloc/memalign.c @@ -77,7 +77,9 @@ memalign (size_t alignment, size_t size) init_size = addr - tot_addr; } + __heap_lock (&__malloc_heap_lock); __heap_free (heap, base, init_size); + __heap_unlock (&__malloc_heap_lock); /* Remember that we've freed the initial part of MEM. */ base += init_size; @@ -85,9 +87,11 @@ memalign (size_t alignment, size_t size) /* Return the end part of MEM to the heap, unless it's too small. */ end_addr = addr + size; - if (end_addr + MALLOC_REALLOC_MIN_FREE_SIZE < tot_end_addr) + if (end_addr + MALLOC_REALLOC_MIN_FREE_SIZE < tot_end_addr) { + __heap_lock (&__malloc_heap_lock); __heap_free (heap, (void *)end_addr, tot_end_addr - end_addr); - else + __heap_unlock (&__malloc_heap_lock); + } else /* We didn't free the end, so include it in the size. */ end_addr = tot_end_addr;