authorJack Lloyd <jack@randombit.net>2019-03-07 10:35:06 -0500
committerJack Lloyd <jack@randombit.net>2019-03-07 10:35:06 -0500
commit9252df39094fc06106c340838411b1c753983199 (patch)
treef3ae224743bf2d28813a5565d232744a8380d0ca
parent841c9cf1f30c6528a63ec238a585f0381627fece (diff)
Fix Coverity warnings
Checking a ptr against null after dereferencing it. Allowing an exception to escape a noexcept function. Both harmless.
-rw-r--r--src/lib/utils/mem_pool/mem_pool.cpp46
-rw-r--r--src/lib/utils/os_utils.cpp12
2 files changed, 38 insertions, 20 deletions
diff --git a/src/lib/utils/mem_pool/mem_pool.cpp b/src/lib/utils/mem_pool/mem_pool.cpp
index 1cae5f299..98997a38a 100644
--- a/src/lib/utils/mem_pool/mem_pool.cpp
+++ b/src/lib/utils/mem_pool/mem_pool.cpp
@@ -364,29 +364,49 @@ bool Memory_Pool::deallocate(void* p, size_t len) noexcept
if(n_bucket != 0)
{
- lock_guard_type<mutex_type> lock(m_mutex);
+ try
+ {
+ lock_guard_type<mutex_type> lock(m_mutex);
- std::deque<Bucket>& buckets = m_buckets_for[n_bucket];
+ std::deque<Bucket>& buckets = m_buckets_for[n_bucket];
- for(size_t i = 0; i != buckets.size(); ++i)
- {
- Bucket& bucket = buckets[i];
- if(bucket.free(p))
+ for(size_t i = 0; i != buckets.size(); ++i)
{
- if(bucket.empty())
+ Bucket& bucket = buckets[i];
+ if(bucket.free(p))
{
+ if(bucket.empty())
+ {
#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
- OS::page_prohibit_access(bucket.ptr());
+ OS::page_prohibit_access(bucket.ptr());
#endif
- m_free_pages.push_back(bucket.ptr());
+ m_free_pages.push_back(bucket.ptr());
- if(i != buckets.size() - 1)
- std::swap(buckets.back(), buckets[i]);
- buckets.pop_back();
+ if(i != buckets.size() - 1)
+ std::swap(buckets.back(), buckets[i]);
+ buckets.pop_back();
+ }
+ return true;
}
- return true;
}
}
+ catch(...)
+ {
+ /*
+ * The only exception throws that can occur in the above code are from
+ * either the STL or BOTAN_ASSERT failures. In either case, such an
+ * error indicates a logic error or data corruption in the memory
+ * allocator such that it is no longer safe to continue executing.
+ *
+ * Since this function is noexcept, simply letting the exception escape
+ * is sufficient for terminate to be called. However in this scenario
+ * it is implementation defined if any stack unwinding is performed.
+ * Since stack unwinding could cause further memory deallocations this
+ * could result in further corruption in this allocator state. To prevent
+ * this, call terminate directly.
+ */
+ std::terminate();
+ }
}
return false;
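Review bot: The comment in the new catch(...) block names the STL and BOTAN_ASSERT failures as the only possible throw sources, but the try block also encloses `OS::page_prohibit_access(bucket.ptr())` under BOTAN_MEM_POOL_USE_MMU_PROTECTIONS, and if that call reports an mprotect-style failure by throwing, the process now terminates on an OS error rather than on allocator corruption. Whether page_prohibit_access can throw is not visible in this hunk, so the comment should either name it as a source or state that it is non-throwing, e.g. `* either the STL, BOTAN_ASSERT failures, or (with MMU protections enabled) OS::page_prohibit_access.` The terminate-instead-of-unwind reasoning itself is sound for a noexcept deallocation path. The enclosing Memory_Pool::deallocate begins and ends outside the hunk.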
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp
index 71f4f12d4..aa599e4b0 100644
--- a/src/lib/utils/os_utils.cpp
+++ b/src/lib/utils/os_utils.cpp
@@ -383,14 +383,12 @@ std::vector<void*> OS::allocate_locked_pages(size_t count)
}
#endif
- if(ptr != nullptr)
- {
- // Make guard page following the data page
- page_prohibit_access(static_cast<uint8_t*>(ptr) + page_size);
+ std::memset(ptr, 0, 2*page_size); // zero both data and guard pages
- std::memset(ptr, 0, page_size);
- result.push_back(ptr);
- }
+ // Make guard page following the data page
+ page_prohibit_access(static_cast<uint8_t*>(ptr) + page_size);
+
+ result.push_back(ptr);
}
return result;
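Review bot: The new `std::memset(ptr, 0, 2*page_size)` dereferences ptr unconditionally, so this part of the loop now depends entirely on the earlier lines (outside the hunk) never reaching it with a null ptr; the commit message says the removed check was redundant, but nothing at this point records that invariant, so a later maintainer is likely to re-add the check Coverity just flagged or to move the allocation-failure handling without noticing. A one-line comment above the memset such as `// ptr is non-null here: the allocation-failure paths above skip this point` (adjusted to match how those paths actually behave) would pin it, or the project's non-null assertion macro if it is acceptable in this path. Zeroing the guard page before page_prohibit_access is the right order, since the page must still be writable when the memset runs. The enclosing OS::allocate_locked_pages begins outside the hunk.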