If the freed block is smaller than a KernFree, then just discard it

Do this rather than trying to insert back into the freelist, because we use the free blocks to store the freelist links, and trying to write into this results in overwriting adjacent memory when the freed block is too small.
ckane · Oct 26, 2024 · 4d389ab · 4d389ab
1 parent c49d18c
commit 4d389ab
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/src/allocator.rs b/src/allocator.rs
@@ -449,6 +449,11 @@ impl InnerKernelAlloc {
                         let b = *a;
                         *a = KernAllocation::default();
 
+                        if b.length < core::mem::size_of::<KernFree>() {
+                            trace!("Freed block (len={}) less than KernFree (len={})", b.length, core::mem::size_of::<KernFree>());
+                            return;
+                        }
+
                         // Then add it back to the free list
                         if let Some(fl) = (*s).freelist {
                             // If it belongs at the head, insert it at the head