Shrinking Free Chunks

Consider this sample code (download the complete version here):

Note that instead of shrinking b, the attacker could also have increased the size of b. This will result in a similar case of overlap. When ‘malloc’ requests another chunk of the increased size, b will be used to service this request. Now ‘s memory will also be part of this new chunk returned.