https://bugs.exim.org/show_bug.cgi?id=2838
--- Comment #15 from John Paul Adrian Glaubitz <glaubitz@???> ---
OK, I found the problem. The issue is that exim's own alloc functions use "int"
instead of "size_t" and cast between both types.
The problem is that the size of "int" is not necessarily the same size as
"size_t" on a given platform. So I think the proper fix would be to switch
exim's own memory management from int to size_t.
The following quick and dirty hack fixes the issue for me:
diff --git a/src/src/store.c b/src/src/store.c
index e4cd722c3..0564676c4 100644
--- a/src/src/store.c
+++ b/src/src/store.c
@@ -192,7 +192,7 @@ static const uschar * poolclass[NPOOLS] = {
#endif
-static void * internal_store_malloc(int, const char *, int);
+static void * internal_store_malloc(size_t, const char *, int);
static void internal_store_free(void *, const char *, int linenumber);
/******************************************************************************/
@@ -867,7 +867,7 @@ Returns: pointer to gotten store (panic on failure)
*/
static void *
-internal_store_malloc(int size, const char *func, int line)
+internal_store_malloc(size_t size, const char *func, int line)
{
void * yield;
@@ -876,17 +876,17 @@ if (size < 0 || size >= INT_MAX/2)
"bad memory allocation requested (%d bytes) at %s %d",
size, func, line);
-size += sizeof(int); /* space to store the size, used under debug */
+size += sizeof(size_t); /* space to store the size, used under debug */
if (size < 16) size = 16;
-if (!(yield = malloc((size_t)size)))
+if (!(yield = malloc(size)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to malloc %d bytes of memory: "
"called from line %d in %s", size, line, func);
#ifndef COMPILE_UTILITY
-DEBUG(D_any) *(int *)yield = size;
+DEBUG(D_any) *(size_t *)yield = size;
#endif
-yield = US yield + sizeof(int);
+yield = US yield + sizeof(size_t);
if ((nonpool_malloc += size) > max_nonpool_malloc)
max_nonpool_malloc = nonpool_malloc;
@@ -899,7 +899,7 @@ giving warnings. */
is not filled with zeros so as to catch problems. */
if (f.running_in_test_harness)
- memset(yield, 0xF0, (size_t)size - sizeof(int));
+ memset(yield, 0xF0, (size_t)size - sizeof(size_t));
DEBUG(D_memory) debug_printf("--Malloc %6p %5d bytes\t%-20s %4d\tpool %5d
nonpool %5d\n",
yield, size, func, line, pool_malloc, nonpool_malloc);
#endif /* COMPILE_UTILITY */
@@ -908,7 +908,7 @@ return yield;
}
void *
-store_malloc_3(int size, const char *func, int linenumber)
+store_malloc_3(size_t size, const char *func, int linenumber)
{
if (n_nonpool_blocks++ > max_nonpool_blocks)
max_nonpool_blocks = n_nonpool_blocks;
@@ -933,10 +933,10 @@ Returns: nothing
static void
internal_store_free(void * block, const char * func, int linenumber)
{
-uschar * p = US block - sizeof(int);
+uschar * p = US block - sizeof(size_t);
#ifndef COMPILE_UTILITY
-DEBUG(D_any) nonpool_malloc -= *(int *)p;
-DEBUG(D_memory) debug_printf("----Free %6p %5d bytes\t%-20s %4d\n", block,
*(int *)p, func, linenumber);
+DEBUG(D_any) nonpool_malloc -= *(size_t *)p;
+DEBUG(D_memory) debug_printf("----Free %6p %5d bytes\t%-20s %4d\n", block,
*(size_t *)p, func, linenumber);
#endif
free(p);
}
diff --git a/src/src/store.h b/src/src/store.h
index ccfa8f012..3e4240842 100644
--- a/src/src/store.h
+++ b/src/src/store.h
@@ -65,7 +65,7 @@ typedef void ** rmark;
extern BOOL store_extend_3(void *, BOOL, int, int, const char *, int);
extern void store_free_3(void *, const char *, int);
/* store_get_3 & store_get_perm_3 are in local_scan.h */
-extern void *store_malloc_3(int, const char *, int) ALLOC
ALLOC_SIZE(1) WARN_UNUSED_RESULT;
+extern void *store_malloc_3(size_t, const char *, int) ALLOC
ALLOC_SIZE(1) WARN_UNUSED_RESULT;
extern rmark store_mark_3(const char *, int);
extern void *store_newblock_3(void *, BOOL, int, int, const char *, int);
extern void store_release_above_3(void *, const char *, int);
--
You are receiving this mail because:
You are on the CC list for the bug.
