From 22f7faf60ed8170e7f99e57254571b2288e0e486 Mon Sep 17 00:00:00 2001
From: Christoffer Lerno
Date: Thu, 21 Nov 2024 13:36:24 +0100
Subject: [PATCH] SimpleHeapAllocator bug when splitting blocks allowed memory overrun.
---
 lib/std/core/allocators/heap_allocator.c3 | 2 +-
 releasenotes.md | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/std/core/allocators/heap_allocator.c3 b/lib/std/core/allocators/heap_allocator.c3
index 3aef5c57e..6612c9119 100644
--- a/lib/std/core/allocators/heap_allocator.c3
+++ b/lib/std/core/allocators/heap_allocator.c3
@@ -98,7 +98,7 @@ fn void*! SimpleHeapAllocator._alloc(&self, usz bytes) @local
 return current + 1;
 case current.size > aligned_bytes:
 Header* unallocated = (Header*)((char*)current + aligned_bytes + Header.sizeof);
- unallocated.size = current.size - aligned_bytes;
+ unallocated.size = current.size - aligned_bytes - Header.sizeof;
 unallocated.next = current.next;
 if (current == self.free_list)
 {
diff --git a/releasenotes.md b/releasenotes.md
index bc811aa6a..6913931bd 100644
--- a/releasenotes.md
+++ b/releasenotes.md
@@ -18,6 +18,7 @@
 - Fix issue with overloaded subscript and ++/--.
 - Fix issue with properties in different targets not being respected #1633.
 - Indexing an Optional slice would crash in codegen #1636.
+- SimpleHeapAllocator bug when splitting blocks allowed memory overrun.
 ### Stdlib changes
 - Add `io::MultiReader`, `io::MultiWriter`, and `io::TeeReader` structs.
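Review bot: In `SimpleHeapAllocator._alloc` (heap_allocator.c3) the split branch is entered on `case current.size > aligned_bytes:`, which by itself does not guarantee that the block is large enough for the payload plus a second header. If no earlier case, outside this hunk, already excludes sizes below `aligned_bytes + Header.sizeof`, the new `current.size - aligned_bytes - Header.sizeof` wraps around (assuming these values are unsigned like `usz bytes`) and the `unallocated` header is written past the end of the block. I would make the precondition explicit, for example `case current.size > aligned_bytes + Header.sizeof:` or `assert(current.size >= aligned_bytes + Header.sizeof);` ahead of the split, and add a regression test that splits a freed block and checks that the two sizes plus their headers add up to the original extent. The function body starts and ends outside the hunk.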