]> git.kaiwu.me - nginx.git/commitdiff
projects / nginx.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 34b41a7)
Slab: improved double free detection.
authorRuslan Ermilov <ru@nginx.com>
Sat, 3 Dec 2016 07:01:39 +0000 (10:01 +0300)
committerRuslan Ermilov <ru@nginx.com>
Sat, 3 Dec 2016 07:01:39 +0000 (10:01 +0300)
Previously, an attempt to double free the starting page of the
free range was not detected.

src/core/ngx_slab.c patch | blob | history

diff --git a/src/core/ngx_slab.c b/src/core/ngx_slab.c
index b2adbf423e5306e3b8c4003bce638a0e6f71592f..0fc63b5c4331110574510bcd79e7916cb7bee117 100644 (file)
--- a/src/core/ngx_slab.c
+++ b/src/core/ngx_slab.c
@@ -597,7 +597,7 @@ ngx_slab_free_locked(ngx_slab_pool_t *pool, void *p)
             goto wrong_chunk;
         }
 
-        if (slab == NGX_SLAB_PAGE_FREE) {
+        if (!(slab & NGX_SLAB_PAGE_START)) {
             ngx_slab_error(pool, NGX_LOG_ALERT,
                            "ngx_slab_free(): page is already free");
             goto fail;
nginx upstream