
c, doug lea's malloc - incorrect free does not crash. why?


I'm using Doug Lea's malloc.c and malloc.h in the following code:

#include <stdio.h>
#include <string.h>
#include "dlmalloc.h"

#define USE_DL_PREFIX

int main() 
{
    char *test = dlcalloc(5, 1);

    strcpy(test, "helloextra");    
    dlfree(test);                  /* Shouldn't this crash? */

    printf("%s", test);

    return 0;
}

And test prints correctly! Can someone please explain? I'm thinking that I haven't tuned this malloc right. Anybody had this problem before?

I started using Doug Lea's malloc after I had this problem.


Solution

  • If you want it to crash, define FOOTERS, according to this snippet from malloc.h you linked to:

    When FOOTERS is defined, in addition to range checking, we also
    verify footer fields of inuse chunks, which can be used guarantee
    that the mstate controlling malloc/free is intact.

    At a quick glance, that should make dlfree call abort() if there has been a buffer overrun.
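
A simplified sketch of the footer idea the answer points to, added here as an example and not taken from dlmalloc or from the original post: a value derived from the chunk address is stored directly after the payload and verified at free time. The layout, GUARD_MAGIC, guarded_calloc, guarded_free and write_then_free are assumptions made for illustration, and the check returns -1 where an allocator would call abort().

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed layout (not dlmalloc's): [size_t size][payload][uint64_t footer] */
#define GUARD_MAGIC 0x5851f42d4c957f2eULL  /* arbitrary constant for this sketch */
/* Footer depends on the chunk address, so it cannot be reused across chunks. */
static uint64_t footer_for(const void *payload) {
    return (uint64_t)(uintptr_t)payload ^ GUARD_MAGIC;
}

/* Hypothetical helper: zeroed allocation of n bytes followed by a footer. */
void *guarded_calloc(size_t n) {
    if (n > SIZE_MAX - sizeof(size_t) - sizeof(uint64_t)) return NULL;
    unsigned char *raw = calloc(1, sizeof(size_t) + n + sizeof(uint64_t));
    if (!raw) return NULL;
    unsigned char *payload = raw + sizeof(size_t);
    uint64_t f = footer_for(payload);
    memcpy(raw, &n, sizeof n);
    memcpy(payload + n, &f, sizeof f);   /* footer may be unaligned */
    return payload;
}

/* Returns 0 when the footer is intact and the chunk was released, -1 when the
   footer was overwritten (the point where an allocator would abort()). */
int guarded_free(void *p) {
    unsigned char *payload = p;
    size_t n; uint64_t f;
    if (!p) return 0;
    memcpy(&n, payload - sizeof n, sizeof n);
    memcpy(&f, payload + n, sizeof f);
    if (f != footer_for(payload)) return -1;  /* chunk is not reused */
    free(payload - sizeof n);
    return 0;
}

/* Copies len bytes of src into a fresh 5-byte chunk, then frees it. */
int write_then_free(const char *src, size_t len) {
    char *test = guarded_calloc(5);
    if (!test) return -2;
    memcpy(test, src, len);   /* len <= 13 stays inside the backing block */
    return guarded_free(test);
}

int main(void) {
    printf("in bounds: %d\n", write_then_free("hell", 5));
    printf("overrun:   %d\n", write_then_free("helloextra", 11));
    return 0;
}
```

The second call repeats the question's 11-byte copy into a 5-byte chunk; the bytes past the payload land on the footer, so the mismatch is found when the chunk is freed rather than when the write happens.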