author | Jack Lloyd <jack@randombit.net> | 2019-03-07 10:35:06 -0500 |
committer | Jack Lloyd <jack@randombit.net> | 2019-03-07 10:35:06 -0500 |
commit | 9252df39094fc06106c340838411b1c753983199 (patch) | |
tree | f3ae224743bf2d28813a5565d232744a8380d0ca | |
parent | 841c9cf1f30c6528a63ec238a585f0381627fece (diff) |
Fix Coverity warnings
Checking a ptr against null after dereferencing it.
Allowing exception throw to escape a noexcept function.
Both harmless.
-rw-r--r-- | src/lib/utils/mem_pool/mem_pool.cpp | 46 | ||||
-rw-r--r-- | src/lib/utils/os_utils.cpp | 12 |
2 files changed, 38 insertions, 20 deletions
diff --git a/src/lib/utils/mem_pool/mem_pool.cpp b/src/lib/utils/mem_pool/mem_pool.cpp index 1cae5f299..98997a38a 100644 --- a/src/lib/utils/mem_pool/mem_pool.cpp +++ b/src/lib/utils/mem_pool/mem_pool.cpp @@ -364,29 +364,49 @@ bool Memory_Pool::deallocate(void* p, size_t len) noexcept if(n_bucket != 0) { - lock_guard_type<mutex_type> lock(m_mutex); + try + { + lock_guard_type<mutex_type> lock(m_mutex); - std::deque<Bucket>& buckets = m_buckets_for[n_bucket]; + std::deque<Bucket>& buckets = m_buckets_for[n_bucket]; - for(size_t i = 0; i != buckets.size(); ++i) - { - Bucket& bucket = buckets[i]; - if(bucket.free(p)) + for(size_t i = 0; i != buckets.size(); ++i) { - if(bucket.empty()) + Bucket& bucket = buckets[i]; + if(bucket.free(p)) { + if(bucket.empty()) + { #if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS) - OS::page_prohibit_access(bucket.ptr()); + OS::page_prohibit_access(bucket.ptr()); #endif - m_free_pages.push_back(bucket.ptr()); + m_free_pages.push_back(bucket.ptr()); - if(i != buckets.size() - 1) - std::swap(buckets.back(), buckets[i]); - buckets.pop_back(); + if(i != buckets.size() - 1) + std::swap(buckets.back(), buckets[i]); + buckets.pop_back(); + } + return true; } - return true; } } + catch(...) + { + /* + * The only exception throws that can occur in the above code are from + * either the STL or BOTAN_ASSERT failures. In either case, such an + * error indicates a logic error or data corruption in the memory + * allocator such that it is no longer safe to continue executing. + * + * Since this function is noexcept, simply letting the exception escape + * is sufficient for terminate to be called. However in this scenario + * it is implementation defined if any stack unwinding is performed. + * Since stack unwinding could cause further memory deallocations this + * could result in further corruption in this allocator state. To prevent + * this, call terminate directly. + */ + std::terminate(); + } } return false; 
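Review bot: The only operation inside the new try block that can allocate is `m_free_pages.push_back(bucket.ptr())`, so a `std::bad_alloc` raised there is now indistinguishable from the corruption the catch comment describes and terminates the process in the same way. If the pool's page count is fixed when the pool is built (the constructor is outside this hunk), reserving that capacity for `m_free_pages` up front would make the deallocate path allocation-free, so that only genuine logic errors or BOTAN_ASSERT failures can reach the handler. Once that holds, the catch comment could record it with one line, e.g. `* m_free_pages is reserved to the pool's page count at construction, so push_back cannot throw here.`, which keeps the "only logic errors land here" claim accurate for the next reader. The direct `std::terminate()` rather than letting the exception escape is the right call for a noexcept deallocator, for the reason the comment gives. Memory_Pool::deallocate begins before this hunk and its closing brace is not shown.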
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp index 71f4f12d4..aa599e4b0 100644 --- a/src/lib/utils/os_utils.cpp +++ b/src/lib/utils/os_utils.cpp @@ -383,14 +383,12 @@ std::vector<void*> OS::allocate_locked_pages(size_t count) } #endif - if(ptr != nullptr) - { - // Make guard page following the data page - page_prohibit_access(static_cast<uint8_t*>(ptr) + page_size); + std::memset(ptr, 0, 2*page_size); // zero both data and guard pages - std::memset(ptr, 0, page_size); - result.push_back(ptr); - } + // Make guard page following the data page + page_prohibit_access(static_cast<uint8_t*>(ptr) + page_size); + + result.push_back(ptr); } return result; |
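Review bot: Removing `if(ptr != nullptr)` is sound for the platform branches visible in the commit message's reasoning, but it also removed the only guard for a build in which neither `#if` branch above the hunk is compiled: if `ptr` starts as nullptr (its initialization is outside this hunk) and no branch assigns it, `std::memset(ptr, 0, 2*page_size)` is now reached with a null pointer. An `#else` that skips the body, or `if(ptr == nullptr) continue;` placed directly above the memset, closes that path at no cost. Zeroing both pages before `page_prohibit_access` is the correct order, since the guard page is unwritable afterwards. The result of `page_prohibit_access`, if it reports one, is not checked here, so a failed protection change would silently leave the guard page accessible; worth confirming against its declaration. OS::allocate_locked_pages starts and ends outside this hunk.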