realloc: Set the HEAP when splitting a block

Failure to do so means we may put a free block in some random location because ARENA_HEAP_GET() can return something invalid when used to find the correct free list in __free_block(). This bug manifested as running out of available free memory. Cc: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Matt Fleming <matt.fleming@intel.com>
author: Matt Fleming <matt.fleming@intel.com> 2013-01-23 10:55:14 +0000
committer: Matt Fleming <matt.fleming@intel.com> 2013-01-23 15:05:28 +0000
commit: 8bd57b191035bf02b676e2fa760d3a981bd1df02 (patch)
tree: 3505cc137520e10a9f719d1ad6eb0f8e0678d62b
parent: fdb7da7c2a868ab4537d020584c03f128e511d8d (diff)
download: syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.tar.gz
syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.tar.xz
syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/core/mem/malloc.c b/core/mem/malloc.c
index 02e60614..3825f2a6 100644
--- a/core/mem/malloc.c
+++ b/core/mem/malloc.c
@@ -165,6 +165,8 @@ __export void *realloc(void *ptr, size_t size)
 		ARENA_TYPE_SET(nah->a.attrs, ARENA_TYPE_FREE);
 		ARENA_SIZE_SET(nah->a.attrs, xsize - newsize);
 		ARENA_SIZE_SET(ah->a.attrs, newsize);
+		ARENA_HEAP_SET(nah->a.attrs, ARENA_HEAP_GET(ah->a.attrs));
+
 		//nah->a.type = ARENA_TYPE_FREE;
 		//nah->a.size = xsize - newsize;
 		//ah->a.size = newsize;
author	Matt Fleming <matt.fleming@intel.com>	2013-01-23 10:55:14 +0000
committer	Matt Fleming <matt.fleming@intel.com>	2013-01-23 15:05:28 +0000
commit	8bd57b191035bf02b676e2fa760d3a981bd1df02 (patch)
tree	3505cc137520e10a9f719d1ad6eb0f8e0678d62b
parent	fdb7da7c2a868ab4537d020584c03f128e511d8d (diff)
download	syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.tar.gz syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.tar.xz syslinux-8bd57b191035bf02b676e2fa760d3a981bd1df02.zip