upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-09 12:12:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

3350. [bug] Memory read overrun in isc___mem_reallocate if

Browse source 
ISC_MEM_DEBUGCTX memory debugging flag is set.
                        [RT #30240]
This commit is contained in:
Mark Andrews 2012-07-18 09:50:52 +10:00
parent b8ba5c8369
commit d0d892f449
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,3 +1,7 @@
3350. [bug] Memory read overrun in isc___mem_reallocate if
ISC_MEM_DEBUGCTX memory debugging flag is set.
[RT #30240]
3349. [bug] Change #3345 was incomplete. [RT #30233]
3348. [security] prevent RRSIG data from being cached if a negative

6
lib/isc/mem.c
View file

@ -1598,7 +1598,11 @@ isc___mem_reallocate(isc_mem_t *ctx0, void *ptr, size_t size FLARG) {
oldsize = (((size_info *)ptr)[-1]).u.size;
INSIST(oldsize >= ALIGNMENT_SIZE);
oldsize -= ALIGNMENT_SIZE;
copysize = oldsize > size ? size : oldsize;
if ((isc_mem_debugging & ISC_MEM_DEBUGCTX) != 0) {
INSIST(oldsize >= ALIGNMENT_SIZE);
oldsize -= ALIGNMENT_SIZE;
}
copysize = (oldsize > size) ? size : oldsize;
memcpy(new_ptr, ptr, copysize);
isc__mem_free(ctx0, ptr FLARG_PASS);
}