Bug #2130
malloc(SIZE_MAX) returns a buffer sized for 0.
Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Description
malloc(SIZE_MAX) returns a buffer sized for 0 bytes on i386; this is because the
addition and mask on nmalloc.c line 824 can overflow.