Siddhesh Poyarekar writes:
> On 2023-04-04 01:52, Mingye Wang wrote:
>> Hi all,
>> In (somewhat) recent discussions about _FORTIFY_SOURCE level 3, a
>> common snag to hit seems to be abuse of malloc_usable_size(). The
>> attached patch is my attempt at making the situation easier to sort
>> through.
>> See siddhesh's comment on GitHub.[0] I wonder if the language needs to
>> be stronger.
>> [0]: https://github.com/systemd/systemd/issues/22801#issuecomment-1343041481
>
> For more context of my statement, please see this discussion:
>
> https://sourceware.org/pipermail/libc-alpha/2022-November/143599.html
>
> which continued into the next month:
>
> https://sourceware.org/pipermail/libc-alpha/2022-December/143667.html
>
> This amendment that DJ wrote is probably the most precise description
> of the current malloc_usable_size situation:
>
> The value returned by malloc_usable_size() may be greater than the
> requested size of the allocation because of various internal
> implementation details, none of which the programmer should rely on.
> This function is intended to only be used for diagnostics and
> statistics; writing to the excess memory without first calling
> realloc() to resize the allocation is not supported. The returned
> value is only valid at the time of the call; any other call to a
> malloc family API may invalidate it.

Honestly, I thought we'd committed that. Oops.