Fix an assertion-failure in memarea_alloc() on 64-bit platforms.

The trick is that we should assert that our next_mem pointer has not
run off the end of the array _before_ we realign the pointer, since
doing that could take us over the end... but only if we're on a system
where malloc() gives us ram in increments smaller than sizeof(void*).

1 files changed, 6 insertions, 2 deletions

diff --git a/src/common/memarea.c b/src/common/memarea.c
index 7771f2c2ac..1c81e2fd78 100644
--- a/src/common/memarea.c
+++ b/src/common/memarea.c
@@ -182,6 +182,8 @@ memarea_alloc(memarea_t *area, size_t sz)
   memarea_chunk_t *chunk = area->first;
   char *result;
   tor_assert(chunk);
+  if (sz == 0)
+    sz = 1;
   if (chunk->next_mem+sz > chunk->u.mem+chunk->mem_size) {
     if (sz+CHUNK_HEADER_SIZE >= CHUNK_SIZE) {
       /* This allocation is too big.  Stick it in a special chunk, and put
@@ -198,10 +200,11 @@ memarea_alloc(memarea_t *area, size_t sz)
     tor_assert(chunk->mem_size >= sz);
   }
   result = chunk->next_mem;
-  chunk->next_mem = realign_pointer(chunk->next_mem + sz);
+  chunk->next_mem = chunk->next_mem + sz;
   // XXXX021 remove these once bug 930 is solved.
   tor_assert(chunk->next_mem >= chunk->u.mem);
   tor_assert(chunk->next_mem <= chunk->u.mem+chunk->mem_size);
+  chunk->next_mem = realign_pointer(chunk->next_mem);
   return result;
 }
 
@@ -272,7 +275,8 @@ memarea_assert_ok(memarea_t *area)
 
   for (chunk = area->first; chunk; chunk = chunk->next_chunk) {
     tor_assert(chunk->next_mem >= chunk->u.mem);
-    tor_assert(chunk->next_mem <= chunk->u.mem+chunk->mem_size+MEMAREA_ALIGN);
+    tor_assert(chunk->next_mem <=
+          (char*) realign_pointer(chunk->u.mem+chunk->mem_size));
   }
 }