handle sizeof(void *) allocations specially when using malloc guard.

they get a whole page and go right at the end of it. ok deraadt tdeval

src/lib/libc/stdlib/malloc.c

@@ -8,7 +8,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: malloc.c,v 1.72 2005/03/31 21:24:46 tdeval Exp $";
+static char rcsid[] = "$OpenBSD: malloc.c,v 1.73 2005/05/24 16:39:05 tedu Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 /*
@@ -1060,6 +1060,13 @@ malloc_bytes(size_t size)
     return ((u_char *)bp->page + k);
 }
 
+/*
+ * magic so that malloc(sizeof(ptr)) is near the end of the page.
+ */
+#define PTR_GAP (malloc_pagesize - sizeof(void *))
+#define PTR_SIZE (sizeof(void *))
+#define PTR_ALIGNED(p) (((unsigned long)p & malloc_pagemask) == PTR_GAP)
+
 /*
  * Allocate a piece of memory
  */
@@ -1075,6 +1082,11 @@ imalloc(size_t size)
     if (suicide)
 	abort();
 
+    if (malloc_guard && size == PTR_SIZE) {
+	    ptralloc = 1;
+	    size = malloc_pagesize;
+    }
+
     if ((size + malloc_pagesize) < size) {     /* Check for overflow */
 	result = NULL;
 	errno = ENOMEM;
@@ -1090,6 +1102,8 @@ imalloc(size_t size)
     if (malloc_zero && result != NULL)
 	memset(result, 0, size);
 
+    if (result && ptralloc)
+	    return ((char *)result + PTR_GAP);
     return (result);
 }
 
@@ -1114,6 +1128,19 @@ irealloc(void *ptr, size_t size)
 	return (NULL);
     }
 
+    if (malloc_guard && PTR_ALIGNED(ptr)) {
+	    if (size <= PTR_SIZE)
+		    return (ptr);
+	    else {
+		    p = imalloc(size);
+		    if (p)
+			    memcpy(p, ptr, PTR_SIZE);
+		    ifree(ptr);
+		    return (p);
+	    }
+    }
+
+
     index = ptr2index(ptr);
 
     if (index < malloc_pageshift) {
@@ -1575,6 +1602,9 @@ ifree(void *ptr)
     if (suicide)
 	return;
 
+    if (malloc_guard && PTR_ALIGNED(ptr))
+	    ptr = (char *)ptr - PTR_GAP;
+
     index = ptr2index(ptr);
 
     if (index < malloc_pageshift) {