From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fw@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2178)
	id 5195A385B518; Thu, 12 Jan 2023 06:22:02 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 5195A385B518
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1673504522;
	bh=skLMSbvC4T6YbDqqQN0LcZ892SgB0P07MbPsPZUSB1Q=;
	h=From:To:Subject:Date:From;
	b=Axk/kArx8bWONo16qEoeHWL5bk3BBIHAq94IcIdTIimI1fJUgXjUUcRm6v0c0AbBt
	 p4PIDDRdlkrT98g9JooczXvGsbhAK71DIDKUd1pZNNRjNVkFTK2NNog+e/JY/Sh1XW
	 Df5UrqcnVj9V1P8yPUFo5rpKfeWxvKj4MZzMrrkE=
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Florian Weimer <fw@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc/release/2.34/master] malloc: Fix -Wuse-after-free warning in
 tst-mallocalign1 [BZ #26779]
X-Act-Checkin: glibc
X-Git-Author: Carlos O'Donell <carlos@redhat.com>
X-Git-Refname: refs/heads/release/2.34/master
X-Git-Oldrev: c5c666f34939d4bbf73aac8b753ab39621ebf33c
X-Git-Newrev: 6484ae5b8c4d4314f748e4d3c9a9baa5385e57c5
Message-Id: <20230112062202.5195A385B518@sourceware.org>
Date: Thu, 12 Jan 2023 06:22:02 +0000 (GMT)
List-Id: <glibc-cvs.sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6484ae5b8c4d4314f748e4d3c9a9baa5385e57c5

commit 6484ae5b8c4d4314f748e4d3c9a9baa5385e57c5
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Fri Jan 28 15:14:29 2022 -0500

    malloc: Fix -Wuse-after-free warning in tst-mallocalign1 [BZ #26779]
    
    The test leaks bits from the freed pointer via the return value
    in ret, and the compiler correctly identifies this issue.
    We switch the test to use TEST_VERIFY and terminate the test
    if any of the pointers return an unexpected alignment.
    
    This fixes another -Wuse-after-free error when compiling glibc
    with gcc 12.
    
    Tested on x86_64 and i686 without regression.
    
    Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
    (cherry picked from commit 3a7bed5f5a527dbd87412551f41e42e63aeef07a)

Diff:
---
 malloc/tst-mallocalign1.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/malloc/tst-mallocalign1.c b/malloc/tst-mallocalign1.c
index 294e821afe..3e09ff30c4 100644
--- a/malloc/tst-mallocalign1.c
+++ b/malloc/tst-mallocalign1.c
@@ -20,6 +20,7 @@
 #include <stdlib.h>
 #include <inttypes.h>
 #include <malloc-size.h>
+#include <support/check.h>
 
 static void *
 test (size_t s)
@@ -31,41 +32,42 @@ test (size_t s)
   return p;
 }
 
+#define ALIGNED(p) (((uintptr_t )p & MALLOC_ALIGN_MASK) == 0)
+
 static int
 do_test (void)
 {
   void *p;
-  int ret = 0;
 
   p = test (2);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (8);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (13);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (16);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (23);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (43);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
   p = test (123);
-  ret |= (uintptr_t) p & MALLOC_ALIGN_MASK;
+  TEST_VERIFY (ALIGNED (p));
   free (p);
 
-  return ret;
+  return 0;
 }
 
 #include <support/test-driver.c>