memalign() may fail
Hi Team,
I am not sure about this issue please advise, https://github.com/torproject/tor/blob/master/src/ext/OpenBSD_malloc_Linux.c#L295 i.e
void *memalign(size_t boundary, size_t size);
On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable.
Also note that memalign() may not check that the boundary parameter is correct such as (CWE-676).
Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient.
Request team to please have a look.
Regards Dhiraj
Trac:
Username: Dhiraj