Re: FreeTree posible memory corruption ?

2016-09-28 Thread Temtaime via Digitalmars-d 

On Wednesday, 28 September 2016 at 19:55:35 UTC, ag0aep6g wrote:

On Wednesday, 28 September 2016 at 19:39:14 UTC, Temtaime wrote:

[...]


That's not phobos's source. You can find it at 
.



[...]


I've recently fixed two issues in FreeTree's code. I think the 
one you've spotted was one of them. See 
.


Sorry, it was first link from a google :(
Yes, your PR is addressed to this issue.
Thanks!

Re: FreeTree posible memory corruption ?

2016-09-28 Thread ag0aep6g via Digitalmars-d 

On Wednesday, 28 September 2016 at 19:39:14 UTC, Temtaime wrote:

Look here :
https://github.com/Hackerpilot/experimental_allocator/blob/master/src/std/experimental/allocator/building_blocks/free_tree.d#L297


That's not phobos's source. You can find it at 
.


It tries to find a block inside the tree. If it fails, it 
allocates n bytes passed to the function.


Look a little down and you see a deallocate method.
It casts previousli allocated block to internal Node struct and 
then tries to set some fields in it.


Suppose we called allocate(1) and it'll call parent allocator 
with size 1. So size of returned block will be 1. Then we 
deallocate such a block, and FreeTree corrupts memory.


Am-I wrong and missed something ?


I've recently fixed two issues in FreeTree's code. I think the 
one you've spotted was one of them. See 
.

FreeTree posible memory corruption ?

2016-09-28 Thread Temtaime via Digitalmars-d 

Look here :
https://github.com/Hackerpilot/experimental_allocator/blob/master/src/std/experimental/allocator/building_blocks/free_tree.d#L297

It tries to find a block inside the tree. If it fails, it 
allocates n bytes passed to the function.


Look a little down and you see a deallocate method.
It casts previousli allocated block to internal Node struct and 
then tries to set some fields in it.


Suppose we called allocate(1) and it'll call parent allocator 
with size 1. So size of returned block will be 1. Then we 
deallocate such a block, and FreeTree corrupts memory.


Am-I wrong and missed something ?