From ce0eed6c0ae76da99731d8cbc85a45103b3c741d Mon Sep 17 00:00:00 2001
From: mquinson
Date: Thu, 6 Jul 2006 01:48:07 +0000
Subject: [PATCH] Fix a stack corruption when xbt_dynar_remove_at was used with object larger than 8bytes. It was the case in gras_procdata_exit: we had a by 4 overflow. This leaded to segfault when using optimization on gcc 4.x since %ebx is stored right after our data in that case. YEAH, it works on gcc 4.x now. I would never have found this without Vince, thanks so much
git-svn-id: svn+ssh://scm.gforge.inria.fr/svn/simgrid/simgrid/trunk@2489 48e7efb5-ca39-0410-a469-dd3cf9ba447f
---
 src/xbt/dynar.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/xbt/dynar.c b/src/xbt/dynar.c
index 923b90ebbe..eeb022eaf1 100644
--- a/src/xbt/dynar.c
+++ b/src/xbt/dynar.c
@@ -374,9 +374,16 @@ xbt_dynar_remove_at(xbt_dynar_t const dynar,
 if (object) {
 _xbt_dynar_get_elm(object, dynar, idx);
 } else if (dynar->free_f) {
- char elm[SIZEOF_MAX];
- _xbt_dynar_get_elm(elm, dynar, idx);
- (*dynar->free_f)(elm);
+ if (dynar->elmsize <= SIZEOF_MAX) {
+ char elm[SIZEOF_MAX];
+ _xbt_dynar_get_elm(elm, dynar, idx);
+ (*dynar->free_f)(elm);
+ } else {
+ char *elm=malloc(dynar->elmsize);
+ _xbt_dynar_get_elm(elm, dynar, idx);
+ (*dynar->free_f)(elm);
+ free(elm);
+ }
 }
 nb_shift = dynar->used-1 - idx;
-- 
2.20.1
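Review bot: The `malloc(dynar->elmsize)` result in the new `else` branch is passed straight to `_xbt_dynar_get_elm` without a NULL check. That helper's body is not in the hunk, but if it copies `elmsize` bytes into its first argument, an allocation failure becomes a write through a null pointer instead of a reported error. The two branches also repeat the same get/free pair, so the size decision could pick the buffer once and leave a single copy of the logic. The fence below is a sketch of that shape; swap `abort()` for whatever out-of-memory handling the project uses. The body of xbt_dynar_remove_at starts and ends outside the hunk.

```c
  } else if (dynar->free_f) {
    char stack_elm[SIZEOF_MAX];
    char *elm = stack_elm;

    /* Only elements that do not fit the stack buffer need a heap copy. */
    if (dynar->elmsize > SIZEOF_MAX) {
      elm = malloc(dynar->elmsize);
      if (elm == NULL)
        abort(); /* or the project's out-of-memory policy */
    }
    _xbt_dynar_get_elm(elm, dynar, idx);
    (*dynar->free_f)(elm);
    if (elm != stack_elm)
      free(elm);
  }
  /* … unchanged: nb_shift computation … */
```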