
Commit a72cf71

committed
Fix GJDuck#18
1 parent 43f181e commit a72cf71

4 files changed

Lines changed: 18 additions & 2 deletions


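--- a/examples/stdlib.c
+++ b/examples/stdlib.c
@@ -1291,8 +1291,9 @@ static __attribute__((__noinline__)) void *malloc_allocate(size_t size,
 next += alloc_size;
 if (next > pool->access)
 {
-size_t access_size =
-((next - pool->access) / MALLOC_PAGE_SIZE) + MALLOC_PAGE_SIZE;
+size_t access_size = ((next - pool->access) / MALLOC_PAGE_SIZE) + 1;
+access_size = (access_size < 4? 4: access_size);
+access_size *= MALLOC_PAGE_SIZE;
 if (mprotect(pool->access, access_size, PROT_READ | PROT_WRITE) < 0)
 {
 if (lock)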
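Review bot: The range handed to `mprotect(pool->access, access_size, ...)` is not checked against the end of the pool in the lines shown, and the new 4-page floor can make `access_size` up to three pages larger than `next` actually requires. If the pool's limit check (outside this hunk; `malloc_allocate` starts and ends beyond it) only covers `next`, a request near the end of the reservation could turn memory past the pool readable and writable, so `access_size` should be clamped to the bytes remaining in the reservation before the call. The bare `4` would also read better as a named constant with a comment such as `/* grow the accessible window by at least 4 pages per mprotect call */`, assuming that is the intent.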

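--- a/test/regtest/18.exp
+++ b/test/regtest/18.exp
@@ -0,0 +1,2 @@
+buf = "aaaaaaaaaa...", strlen(buf) = 8191
+PASSED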

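--- a/test/regtest/18.in
+++ b/test/regtest/18.in
@@ -0,0 +1 @@
+./test.pie -M 'asm=.*%cs:.*' -A 'call bug_18@patch'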

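--- a/test/regtest/patch.cpp
+++ b/test/regtest/patch.cpp
@@ -351,3 +351,15 @@ void string(const char *s)
 fprintf(stderr, "%s\n", s);
 }
 
+void bug_18(void)
+{
+int size = 8192;
+char *buf = (char *)malloc((size_t) size * sizeof(char));
+
+for (int i = 0; i < size; i += 1)
+buf[i] = 'a';
+buf[size-1] = '\0';
+
+fprintf(stderr, "buf = \"%.10s...\", strlen(buf) = %zu\n", buf, strlen(buf));
+}
+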
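Review bot: `buf` is written in the fill loop without checking the `malloc` result, so an allocation failure would surface as a crash at `buf[i] = 'a'` that looks the same as the allocator fault this regression test guards against. Adding `if (buf == NULL) { fprintf(stderr, "malloc failed\n"); return; }` right after the allocation keeps the two failures distinguishable in the test output. The buffer is also never released; a `free(buf);` after the final `fprintf` would exercise the release path of the same pool.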
