Just saw report that turned out to be mallocng catching a 1-byte (likely off-by-one arithmetic error) heap overflow in a major application. 😃
Conversation
It's incorrect to use the memory though. That remains the case even if malloc_usable_size says that there's more capacity than what was requested. It can be demonstrated with _FORTIFY_SOURCE. It would require a new API meant for that purpose and it's not very useful in practice.
1
We’re in agreement. Take a look at the link I shared, I predict you’ll like what you read!
1
1
I missed that you're the author of the paper.