[issue2130] malloc(SIZE_MAX) returns a buffer sized for 0.
Venkatesh Srinivas (via DragonFly issue tracker)
sinknull at leaf.dragonflybsd.org
Sun Sep 11 20:28:44 PDT 2011
New submission from Venkatesh Srinivas <vsrinivas at dragonflybsd.org>:
malloc(SIZE_MAX) returns a buffer sized for 0 bytes on i386; this is because the
addition and mask on nmalloc.c line 824 can overflow.
----------
messages: 10107
nosy: vsrinivas
status: unread
title: malloc(SIZE_MAX) returns a buffer sized for 0.
_____________________________________________________
DragonFly issue tracker <bugs at lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue2130>
_____________________________________________________
More information about the Bugs
mailing list