From 61a2ae0f54101ba3b3ca769d2c2242f223a30c5a Mon Sep 17 00:00:00 2001
From: theraven
Date: Mon, 30 May 2011 11:19:44 +0000
Subject: [PATCH] Make the canary check look at the address where the canary was stored, not the word before where the canary was stored.
---
 gc_boehm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gc_boehm.c b/gc_boehm.c
index 945f839..890e3c0 100644
--- a/gc_boehm.c
+++ b/gc_boehm.c
@@ -592,9 +592,10 @@ int objc_gc_retain_count(id object)
 static void nuke_buffer(void *addr, void *s)
 {
+ return;
 dump_stack("Freeing allocation: ", addr);
 uintptr_t size = (uintptr_t)s;
- if (canary != *(uint32_t*)((char*)addr + size - 4))
+ if (canary != *(uint32_t*)((char*)addr + size))
 {
 fprintf(stderr, "Something wrote past the end of memory allocation %p\n",