util: Remove malloc/free UAF stuff
jcs made amendment 8 over 2 years ago
--- util.c Sun Aug 21 12:18:59 2022
+++ util.c Wed Aug 24 13:18:35 2022
@@ -86,15 +86,6 @@ struct malloc_map_e {
char note[MALLOC_NOTE_SIZE];
} malloc_map[MALLOC_MAP_SIZE];
-/*
- * On xfree(&), the pointer will be updated to point here. xfree_verify()
- * should be called periodically to detect any writes to it, indicating
- * a use-after-free.
- */
-#define MALLOC_UAF_SIZE 256
-static const char malloc_uaf_zero[MALLOC_UAF_SIZE] = { 0 };
-static char malloc_uaf[MALLOC_UAF_SIZE];
-
static bool malloc_map_compact = false;
#endif
@@ -116,7 +107,6 @@ util_init(void)
#ifdef MALLOC_DEBUG
memset(&malloc_map, 0, sizeof(malloc_map));
- memset(&malloc_uaf, 0, sizeof(malloc_uaf));
#endif
}
@@ -184,13 +174,10 @@ xfree(void *ptrptr)
void *ptr = (void *)*addr;
#ifdef MALLOC_DEBUG
unsigned long n;
-
- if (*addr == (unsigned long)&malloc_uaf)
- panic("xfree(%lu): double free()", *addr);
-
+
for (n = 0; n <= MALLOC_MAP_SIZE; n++) {
if (n == MALLOC_MAP_SIZE)
- panic("xfree(%lu): can't find in alloc map, likely "
+ panic("xfree(0x%lx): can't find in alloc map, likely "
"double free()", *addr);
if (malloc_map[n].addr == *addr) {
malloc_map[n].addr = 0;
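Review bot: With the `malloc_uaf` sentinel check removed here, a second xfree() of the same variable in a MALLOC_DEBUG build may no longer be caught. The following hunk now stores `*addr = 0L` in debug builds as well, and unused map slots also hold 0 (util_init zeroes the map and this loop writes `malloc_map[n].addr = 0`), so the scan `malloc_map[n].addr == *addr` would match the first empty slot instead of reaching the "likely double free()" panic. xfree's body starts above the hunk, so a NULL guard may already exist there; if it does not, add one before the loop, e.g. `if (*addr == 0) panic("xfree(): NULL pointer, likely double free()");`. The single added line above the loop also appears to contain only whitespace and could be dropped.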
@@ -203,21 +190,8 @@ xfree(void *ptrptr)
DisposePtr(ptr);
-#ifdef MALLOC_DEBUG
- *addr = (unsigned long)&malloc_uaf;
-#else
*addr = 0L;
-#endif
}
-
-#ifdef MALLOC_DEBUG
-void
-xfree_verify(void)
-{
- if (memcmp(malloc_uaf, malloc_uaf_zero, sizeof(malloc_uaf)) != 0)
- panic("xfree_verify: use-after-free detected");
-}
-#endif
void *
xmalloczero(size_t size, char *note)