[compiler-rt] [scudo] do not store size inside ring buffer (PR #74541)
Florian Mayer via llvm-commits
llvm-commits at lists.llvm.org
Fri Dec 8 17:12:47 PST 2023
================
@@ -1408,17 +1409,19 @@ class Allocator {
size_t &NextErrorReport,
uintptr_t FaultAddr,
const StackDepot *Depot,
- const char *RingBufferPtr) {
+ const char *RingBufferPtr,
+ size_t RingBufferSize) {
auto *RingBuffer =
reinterpret_cast<const AllocationRingBuffer *>(RingBufferPtr);
- if (!RingBuffer || RingBuffer->Size == 0)
+ size_t RingBufferElements = ringBufferElementsFromBytes(RingBufferSize);
+ if (!RingBuffer || RingBufferElements == 0)
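Review bot: since this function is explicitly fed untrusted input, `ringBufferElementsFromBytes(RingBufferSize)` should be shown to be safe when `RingBufferSize` is smaller than `sizeof(AllocationRingBuffer)`; if it computes the count with an unchecked `size_t` subtraction, a too-small size wraps to a huge element count and sails past the `RingBufferElements == 0` guard. An explicit `RingBufferSize < sizeof(AllocationRingBuffer)` check before the call (or a saturating helper, with a comment stating that `RingBufferSize` is the byte length of the mapping and not trusted) would make the intent visible at the call site rather than relying on the helper's behaviour.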
----------------
fmayer wrote:
This function assumes arbitrary input (and is fuzzed with it), so I did it like this to be on the safe side. Checking on the caller makes less sense, because `RingBufferElements == 0` means `RingBufferSize < sizeof(AllocationRingBuffer) + sizeof(AllocationRingBuffer::Entry)`.
https://github.com/llvm/llvm-project/pull/74541