From 14032c30e2d41e5c0dac25d399f7086f74d4e0c8 Mon Sep 17 00:00:00 2001
From: Rich Felker
Date: Tue, 17 Apr 2018 15:18:49 -0400
Subject: comment __malloc_donate overflow logic
---
 src/malloc/malloc.c | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'src/malloc')
diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c
index 6605ec3a..991300cc 100644
--- a/src/malloc/malloc.c
+++ b/src/malloc/malloc.c
@@ -563,6 +563,9 @@ void __malloc_donate(char *start, char *end)
 size_t align_start_up = (SIZE_ALIGN-1) & (-(uintptr_t)start - OVERHEAD);
 size_t align_end_down = (SIZE_ALIGN-1) & (uintptr_t)end;

+ /* Getting past this condition ensures that the padding for alignment
+ * and header overhead will not overflow and will leave a nonzero
+ * multiple of SIZE_ALIGN bytes between start and end. */
 if (end - start <= OVERHEAD + align_start_up + align_end_down)
 return;
 start += align_start_up + OVERHEAD;
--
cgit v1.2.1
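Review bot: The new comment states the guarantee of the `if (end - start <= OVERHEAD + align_start_up + align_end_down)` check without the precondition it rests on. `end - start` is a signed pointer difference compared against a sum containing `size_t` operands, so it is presumably converted to unsigned (OVERHEAD's type is not visible in the hunk). A reversed range with `end < start` would then compare as a very large value and get past the condition. I would add one line to the comment, for example `* This relies on start <= end; a reversed range is not rejected here.`, so that callers donating memory know the bound is theirs to uphold. The body of `__malloc_donate` starts and ends outside the hunk, so an earlier guard may already cover this.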