[haiku-commits] haiku: hrev43394 - src/system/kernel

  • From: mmlr@xxxxxxxx
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Sat, 3 Dec 2011 23:18:20 +0100 (CET)

hrev43394 adds 1 changeset to branch 'master'
old head: b39f919dbfabd409668fd9c8e137292f22a3d9e9
new head: e62d9911eac981cb93a1f972adf4305c7edf07ad

----------------------------------------------------------------------------

e62d991: Allocate as much as is later read, didn't do harm though.
  
  Further in the process the flat argument size is rounded up, but the
  actual allocation was done with the unaligned size causing an access
  beyond the allocation when later copying the flat arguments. It didn't
  do any actual harm as the block sizes of our allocator(s) use elements
  that have at least such an alignment.

                                            [ Michael Lotz <mmlr@xxxxxxxx> ]

----------------------------------------------------------------------------

Revision:    hrev43394
Commit:      e62d9911eac981cb93a1f972adf4305c7edf07ad
URL:         http://cgit.haiku-os.org/haiku/commit/?id=e62d991
Author:      Michael Lotz <mmlr@xxxxxxxx>
Date:        Sat Dec  3 22:13:52 2011 UTC

----------------------------------------------------------------------------

1 files changed, 1 insertions(+), 1 deletions(-)
src/system/kernel/team.cpp |    2 +-

----------------------------------------------------------------------------

diff --git a/src/system/kernel/team.cpp b/src/system/kernel/team.cpp
index 3d693e4..61903e5 100644
--- a/src/system/kernel/team.cpp
+++ b/src/system/kernel/team.cpp
@@ -1378,7 +1378,7 @@ copy_user_process_args(const char* const* userFlatArgs, 
size_t flatArgsSize,
                return B_BAD_ADDRESS;
 
        // allocate kernel memory
-       char** flatArgs = (char**)malloc(flatArgsSize);
+       char** flatArgs = (char**)malloc(_ALIGN(flatArgsSize));
        if (flatArgs == NULL)
                return B_NO_MEMORY;
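Review bot: On the changed malloc line the rounded size is computed inline, while the commit message says the same rounding is applied again further on before the flat arguments are copied, so the allocation size and the copy size are still derived in two separate places and can drift apart again. Suggest rounding once into a local (for example a size_t holding _ALIGN(flatArgsSize)) and using that one value for both the allocation and the later copy. A short comment at the malloc call saying why the aligned size is required would help the next reader. It is also worth confirming that flatArgsSize is bounded before this point, so that the round-up cannot wrap to a small value for a very large user-supplied size.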
 

