summaryrefslogtreecommitdiffstats
path: root/src/gallium/auxiliary/os
diff options
context:
space:
mode:
authorJose Fonseca <[email protected]>2015-04-22 20:23:59 +0100
committerJose Fonseca <[email protected]>2015-04-23 21:59:43 +0100
commit525be9c0791e4a447335307b5f225273b9da0cca (patch)
tree85552a0f04c9d9b24037c7b369ffed0336cabe3a /src/gallium/auxiliary/os
parentf2a7fd9943fcb7d3de3bc2b21907e0a157b88e96 (diff)
os/os_memory_aligned.h: Handle integer overflow.
This code is only used when our memory debugging wrappers are enabled, as we use the C runtime functions directly elsewhere. Tested llvmpipe on Windows w/ memory debugging enabled. VMware PR894263. Reviewed-by: Roland Scheidegger <[email protected]>
Diffstat (limited to 'src/gallium/auxiliary/os')
-rw-r--r--src/gallium/auxiliary/os/os_memory_aligned.h28
1 files changed, 27 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/os/os_memory_aligned.h b/src/gallium/auxiliary/os/os_memory_aligned.h
index 72c5cf65b66..bb15f24ade3 100644
--- a/src/gallium/auxiliary/os/os_memory_aligned.h
+++ b/src/gallium/auxiliary/os/os_memory_aligned.h
@@ -39,6 +39,19 @@
#include "pipe/p_compiler.h"
+
+/**
+ * Add two size_t values with integer overflow check.
+ * TODO: leverage __builtin_add_overflow where available
+ */
+static inline bool
+add_overflow_size_t(size_t a, size_t b, size_t *res)
+{
+ *res = a + b;
+ return *res < a || *res < b;
+}
+
+
/**
* Return memory on given byte alignment
*/
@@ -46,8 +59,21 @@ static INLINE void *
os_malloc_aligned(size_t size, size_t alignment)
{
char *ptr, *buf;
+ size_t alloc_size;
+
+ /*
+ * Calculate
+ *
+ * alloc_size = size + alignment + sizeof(void *)
+ *
+ * while checking for overflow.
+ */
+ if (add_overflow_size_t(size, alignment, &alloc_size) ||
+ add_overflow_size_t(alloc_size, sizeof(void *), &alloc_size)) {
+ return NULL;
+ }
- ptr = (char *) os_malloc(size + alignment + sizeof(void *));
+ ptr = (char *) os_malloc(alloc_size);
if (!ptr)
return NULL;