third_party/tcmalloc/chromium/src/free_list.cc - Issue 10957067: Ensure we mask freelist pointers properly on 32-bit Linux - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(10)

My Issues | Starred Open | Closed | All

Unified Diff: third_party/tcmalloc/chromium/src/free_list.cc

Issue 10957067: Ensure we mask freelist pointers properly on 32-bit Linux (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 8 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/tcmalloc/chromium/src/free_list.cc

===================================================================

--- third_party/tcmalloc/chromium/src/free_list.cc (revision 158339)

+++ third_party/tcmalloc/chromium/src/free_list.cc (working copy)

@@ -82,10 +82,11 @@

inline void* MaskPtr(void* p) {

// Maximize ASLR entropy and guarantee the result is an invalid address.

- const uintptr_t q = ~(reinterpret_cast<intptr_t>(TCMalloc_SystemAlloc) >> 13);

+ const uintptr_t mask = ~(reinterpret_cast<uintptr_t>(TCMalloc_SystemAlloc)

+ >> 13) | 1;

// Do not mask NULL pointers, otherwise we could leak address state.

if (p)

- return reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(p) ^ q);

+ return reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(p) ^ mask);

return p;

}

« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698