[llvm] dfeb978 - Fixed a roll-over on size_t in getNewUninitMemBuffer()
Dmitry Vassiliev via llvm-commits
llvm-commits at lists.llvm.org
Fri Mar 11 01:17:49 PST 2022
Author: Dmitry Vassiliev
Date: 2022-03-11T13:16:58+04:00
New Revision: dfeb9781557ca655bb99a31f4bcf4d0187d7dd38
URL: https://github.com/llvm/llvm-project/commit/dfeb9781557ca655bb99a31f4bcf4d0187d7dd38
DIFF: https://github.com/llvm/llvm-project/commit/dfeb9781557ca655bb99a31f4bcf4d0187d7dd38.diff
LOG: Fixed a roll-over on size_t in getNewUninitMemBuffer()
Reviewed By: serge-sans-paille
Differential Revision: https://reviews.llvm.org/D121399
Added:
Modified:
llvm/lib/Support/MemoryBuffer.cpp
llvm/unittests/Support/MemoryBufferTest.cpp
Removed:
################################################################################
diff --git a/llvm/lib/Support/MemoryBuffer.cpp b/llvm/lib/Support/MemoryBuffer.cpp
index 5003822d9086a..872b874be34f4 100644
--- a/llvm/lib/Support/MemoryBuffer.cpp
+++ b/llvm/lib/Support/MemoryBuffer.cpp
@@ -286,6 +286,8 @@ WritableMemoryBuffer::getNewUninitMemBuffer(size_t Size, const Twine &BufferName
StringRef NameRef = BufferName.toStringRef(NameBuf);
size_t AlignedStringLen = alignTo(sizeof(MemBuffer) + NameRef.size() + 1, 16);
size_t RealLen = AlignedStringLen + Size + 1;
+ if (RealLen <= Size) // Check for rollover.
+ return nullptr;
char *Mem = static_cast<char*>(operator new(RealLen, std::nothrow));
if (!Mem)
return nullptr;
diff --git a/llvm/unittests/Support/MemoryBufferTest.cpp b/llvm/unittests/Support/MemoryBufferTest.cpp
index bcd25021b5635..423d8f7611811 100644
--- a/llvm/unittests/Support/MemoryBufferTest.cpp
+++ b/llvm/unittests/Support/MemoryBufferTest.cpp
@@ -219,6 +219,11 @@ TEST_F(MemoryBufferTest, make_new) {
EXPECT_NE(nullptr, Four.get());
for (size_t i = 0; i < 123; ++i)
EXPECT_EQ(0, Four->getBufferStart()[0]);
+
+ // uninitialized buffer with rollover size
+ OwningBuffer Five(
+ WritableMemoryBuffer::getNewUninitMemBuffer(SIZE_MAX, "huge"));
+ EXPECT_EQ(nullptr, Five.get());
}
void MemoryBufferTest::testGetOpenFileSlice(bool Reopen) {
More information about the llvm-commits
mailing list