2 files changed, 14 insertions, 1 deletions

diff --git a/vppinfra/vppinfra/mheap.c b/vppinfra/vppinfra/mheap.c
index cd8672e7ef4..6163d0b1341 100644
--- a/vppinfra/vppinfra/mheap.c
+++ b/vppinfra/vppinfra/mheap.c
@@ -874,6 +874,15 @@ void * mheap_alloc_with_flags (void * memory, uword memory_size, uword flags)
     h = uword_to_pointer (ah, void *);
     v = mheap_vector (h);
 
+    if (PREDICT_FALSE(memory + memory_size < v)) {
+	/*
+	 * This will happen when the requested memory_size is too
+	 * small to cope with the heap header and/or memory alignment.
+	 */
+	clib_mem_vm_free(memory, memory_size);
+	return 0;
+    }
+
     size = memory + memory_size - v;
   }
 
diff --git a/vppinfra/vppinfra/mheap.h b/vppinfra/vppinfra/mheap.h
index c9eb60de639..a40c26cb60d 100644
--- a/vppinfra/vppinfra/mheap.h
+++ b/vppinfra/vppinfra/mheap.h
@@ -48,7 +48,11 @@
 always_inline void * mheap_get (void * v, uword size, uword * offset_return)
 { return mheap_get_aligned (v, size, 0, 0, offset_return); }
 
-/* Create allocation heap of given size. */
+/* Create allocation heap of given size.
+ * The actual usable size is smaller than the requested size.
+ * memory_bytes must be greater than mheap_page_size + sizeof (mheap_t) + 16.
+ * Otherwise, allocation may fail and return 0.
+ */
 void * mheap_alloc (void * memory, uword memory_bytes);
 void * mheap_alloc_with_flags (void * memory, uword memory_bytes, uword flags);