diff options
author | Jose Fonseca <[email protected]> | 2015-04-22 20:23:59 +0100 |
---|---|---|
committer | Jose Fonseca <[email protected]> | 2015-04-23 21:59:43 +0100 |
commit | 525be9c0791e4a447335307b5f225273b9da0cca (patch) | |
tree | 85552a0f04c9d9b24037c7b369ffed0336cabe3a /src | |
parent | f2a7fd9943fcb7d3de3bc2b21907e0a157b88e96 (diff) |
os/os_memory_aligned.h: Handle integer overflow.
This code is only used when our memory debugging wrappers are enabled,
as we use the C runtime functions directly elsewhere.
Tested llvmpipe on Windows w/ memory debugging enabled.
VMware PR894263.
Reviewed-by: Roland Scheidegger <[email protected]>
Diffstat (limited to 'src')
-rw-r--r-- | src/gallium/auxiliary/os/os_memory_aligned.h | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/os/os_memory_aligned.h b/src/gallium/auxiliary/os/os_memory_aligned.h index 72c5cf65b66..bb15f24ade3 100644 --- a/src/gallium/auxiliary/os/os_memory_aligned.h +++ b/src/gallium/auxiliary/os/os_memory_aligned.h @@ -39,6 +39,19 @@ #include "pipe/p_compiler.h" + +/** + * Add two size_t values with integer overflow check. + * TODO: leverage __builtin_add_overflow where available + */ +static inline bool +add_overflow_size_t(size_t a, size_t b, size_t *res) +{ + *res = a + b; + return *res < a || *res < b; +} + + /** * Return memory on given byte alignment */ @@ -46,8 +59,21 @@ static INLINE void * os_malloc_aligned(size_t size, size_t alignment) { char *ptr, *buf; + size_t alloc_size; + + /* + * Calculate + * + * alloc_size = size + alignment + sizeof(void *) + * + * while checking for overflow. + */ + if (add_overflow_size_t(size, alignment, &alloc_size) || + add_overflow_size_t(alloc_size, sizeof(void *), &alloc_size)) { + return NULL; + } - ptr = (char *) os_malloc(size + alignment + sizeof(void *)); + ptr = (char *) os_malloc(alloc_size); if (!ptr) return NULL; |