Merge pull request #37 from SFBdragon/main

alexcrichton · web-flow · commit 7b43912fee0a · 2024-01-30T06:23:18.000-06:00
Validate user allocation size to resolve #32
diff --git a/src/dlmalloc.rs b/src/dlmalloc.rs
@@ -1168,6 +1168,21 @@ impl<A: Allocator> Dlmalloc<A> {
         }
     }
 
+    pub unsafe fn validate_size(&mut self, ptr: *mut u8, size: usize) {
+        let p = Chunk::from_mem(ptr);
+        let psize = Chunk::size(p);
+
+        let min_overhead = self.overhead_for(p);
+        assert!(psize >= size + min_overhead);
+
+        if !Chunk::mmapped(p) {
+            let max_overhead =
+                min_overhead + self.min_chunk_size() * 2 + mem::align_of::<usize>() - 1;
+
+            assert!(psize <= size + max_overhead);
+        }
+    }
+
     pub unsafe fn free(&mut self, mem: *mut u8) {
         self.check_malloc_state();
 
diff --git a/src/lib.rs b/src/lib.rs
@@ -141,7 +141,8 @@ impl<A: Allocator> Dlmalloc<A> {
     /// method contracts.
     #[inline]
     pub unsafe fn free(&mut self, ptr: *mut u8, size: usize, align: usize) {
-        let _ = (size, align);
+        let _ = align;
+        self.0.validate_size(ptr, size);
         self.0.free(ptr)
     }
 
@@ -162,6 +163,8 @@ impl<A: Allocator> Dlmalloc<A> {
         old_align: usize,
         new_size: usize,
     ) -> *mut u8 {
+        self.0.validate_size(ptr, old_size);
+
         if old_align <= self.0.malloc_alignment() {
             self.0.realloc(ptr, new_size)
         } else {
