From 249a5895f120b13290a372a49bb4b499e749806f Mon Sep 17 00:00:00 2001
From: Istvan Kurucsai <pistukem@gmail.com>
Date: Fri, 12 Jan 2018 15:26:20 +0100
Subject: malloc: Ensure that the consolidated fast chunk has a sane size.

---
 malloc/malloc.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'malloc')

diff --git a/malloc/malloc.c b/malloc/malloc.c
index 48106f9bd4..f5aafd2c05 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -4431,6 +4431,12 @@ static void malloc_consolidate(mstate av)
     p = atomic_exchange_acq (fb, NULL);
     if (p != 0) {
       do {
+	{
+	  unsigned int idx = fastbin_index (chunksize (p));
+	  if ((&fastbin (av, idx)) != fb)
+	    malloc_printerr ("malloc_consolidate(): invalid chunk size");
+	}
+
 	check_inuse_chunk(av, p);
 	nextp = p->fd;
 
-- 
cgit v1.2.1