fix undefined behavior in free

author Alexander Monakov <amonakov@ispras.ru>

Tue, 27 Jun 2017 17:58:47 +0000 (20:58 +0300)

committer Rich Felker <dalias@aerifal.cx>

Tue, 4 Jul 2017 21:11:33 +0000 (17:11 -0400)
author Alexander Monakov <amonakov@ispras.ru>
Tue, 27 Jun 2017 17:58:47 +0000 (20:58 +0300)
committer Rich Felker <dalias@aerifal.cx>
Tue, 4 Jul 2017 21:11:33 +0000 (17:11 -0400)
diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c

index d5ee4280e9324ead8464dfd7ad2f37eb21d950d1..9e05e1d6ade9bb75c52811cbbb0c0f95049fafa8 100644 (file)
--- a/src/malloc/malloc.c
+++ b/src/malloc/malloc.c
@@ -450,14 +450,15 @@ copy_realloc:
  
  void free(void *p)
  {
-       struct chunk *self = MEM_TO_CHUNK(p);
-       struct chunk *next;
+       struct chunk *self, *next;
         size_t final_size, new_size, size;
         int reclaim=0;
         int i;
  
         if (!p) return;
  
+       self = MEM_TO_CHUNK(p);
+
         if (IS_MMAPPED(self)) {
                 size_t extra = self->psize;
                 char *base = (char *)self - extra;
author	Alexander Monakov <amonakov@ispras.ru>
	Tue, 27 Jun 2017 17:58:47 +0000 (20:58 +0300)
committer	Rich Felker <dalias@aerifal.cx>
	Tue, 4 Jul 2017 21:11:33 +0000 (17:11 -0400)