[compiler-rt] [xray] Fix oob memory access in FDR BufferQueue iterator. (PR #90940)
Ricky Zhou via llvm-commits
llvm-commits at lists.llvm.org
Thu May 2 23:00:10 PDT 2024
https://github.com/rickyz created https://github.com/llvm/llvm-project/pull/90940
Before this change, the FDR BufferQueue iterator could access memory out
of due to checks of the form `!Buffers[Offset].Used && Offset != Max`,
which can potentially access `Buffers[Max]`, which is past the end of
the `Buffers`. Fix this by testing `Offset != Max` first.
>From ea7b6c358269b5bc0a8d0967c45fe41bc5763c3e Mon Sep 17 00:00:00 2001
From: Ricky Zhou <ricky at rzhou.org>
Date: Thu, 2 May 2024 22:54:50 -0700
Subject: [PATCH] [xray] Fix oob memory access in FDR BufferQueue iterator.
Before this change, the FDR BufferQueue iterator could access memory out
of due to checks of the form `!Buffers[Offset].Used && Offset != Max`,
which can potentially access `Buffers[Max]`, which is past the end of
the `Buffers`. Fix this by testing `Offset != Max` first.
---
compiler-rt/lib/xray/xray_buffer_queue.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/compiler-rt/lib/xray/xray_buffer_queue.h b/compiler-rt/lib/xray/xray_buffer_queue.h
index e1739d050f3d0d..8d33f73576b5e2 100644
--- a/compiler-rt/lib/xray/xray_buffer_queue.h
+++ b/compiler-rt/lib/xray/xray_buffer_queue.h
@@ -87,7 +87,7 @@ class BufferQueue {
DCHECK_NE(Offset, Max);
do {
++Offset;
- } while (!Buffers[Offset].Used && Offset != Max);
+ } while (Offset != Max && !Buffers[Offset].Used);
return *this;
}
@@ -107,7 +107,7 @@ class BufferQueue {
Max(M) {
// We want to advance to the first Offset where the 'Used' property is
// true, or to the end of the list/queue.
- while (!Buffers[Offset].Used && Offset != Max) {
+ while (Offset != Max && !Buffers[Offset].Used) {
++Offset;
}
}
More information about the llvm-commits
mailing list