SLOB: fix bogus ksize calculation

SLOB's ksize calculation was braindamaged and generally harmlessly
underreported the allocation size. But for very small buffers, it could
in fact overreport them, leading code depending on krealloc to overrun
the allocation and trample other data.

Signed-off-by: Matt Mackall <mpm@selenic.com>
Tested-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Matt Mackall 2008-10-07 11:37:35 -05:00 committed by Linus Torvalds
parent e09e6e2b6a
commit 85ba94ba05

View File

@ -515,7 +515,7 @@ size_t ksize(const void *block)
sp = (struct slob_page *)virt_to_page(block); sp = (struct slob_page *)virt_to_page(block);
if (slob_page(sp)) if (slob_page(sp))
return ((slob_t *)block - 1)->units + SLOB_UNIT; return (((slob_t *)block - 1)->units - 1) * SLOB_UNIT;
else else
return sp->page.private; return sp->page.private;
} }