| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <fcntl.h> | 5 #include <fcntl.h> |
| 6 #include <stdio.h> | 6 #include <stdio.h> |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 10 #include <sys/types.h> | 10 #include <sys/types.h> |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 62 buf = new_buf; | 62 buf = new_buf; |
| 63 } | 63 } |
| 64 } | 64 } |
| 65 #endif | 65 #endif |
| 66 | 66 |
| 67 // This function acts as a compiler optimization barrier. We use it to | 67 // This function acts as a compiler optimization barrier. We use it to |
| 68 // prevent the compiler from making an expression a compile-time constant. | 68 // prevent the compiler from making an expression a compile-time constant. |
| 69 // We also use it so that the compiler doesn't discard certain return values | 69 // We also use it so that the compiler doesn't discard certain return values |
| 70 // as something we don't need (see the comment with calloc below). | 70 // as something we don't need (see the comment with calloc below). |
| 71 template <typename Type> | 71 template <typename Type> |
| 72 Type HideValueFromCompiler(volatile Type value) { | 72 NOINLINE Type HideValueFromCompiler(volatile Type value) { |
| 73 #if defined(__GNUC__) | 73 #if defined(__GNUC__) |
| 74 // In a GCC compatible compiler (GCC or Clang), make this compiler barrier | 74 // In a GCC compatible compiler (GCC or Clang), make this compiler barrier |
| 75 // more robust than merely using "volatile". | 75 // more robust than merely using "volatile". |
| 76 __asm__ volatile ("" : "+r" (value)); | 76 __asm__ volatile ("" : "+r" (value)); |
| 77 #endif // __GNUC__ | 77 #endif // __GNUC__ |
| 78 return value; | 78 return value; |
| 79 } | 79 } |
| 80 | 80 |
| 81 // Tcmalloc and Windows allocator shim support setting malloc limits. | 81 // Tcmalloc and Windows allocator shim support setting malloc limits. |
| 82 // - NO_TCMALLOC (should be defined if compiled with use_allocator!="tcmalloc") | 82 // - NO_TCMALLOC (should be defined if compiled with use_allocator!="tcmalloc") |
| (...skipping 203 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 286 } | 286 } |
| 287 #endif // !defined(OS_WIN) || !defined(ARCH_CPU_64_BITS) | 287 #endif // !defined(OS_WIN) || !defined(ARCH_CPU_64_BITS) |
| 288 } | 288 } |
| 289 | 289 |
| 290 // Call calloc(), eventually free the memory and return whether or not | 290 // Call calloc(), eventually free the memory and return whether or not |
| 291 // calloc() did succeed. | 291 // calloc() did succeed. |
| 292 bool CallocReturnsNull(size_t nmemb, size_t size) { | 292 bool CallocReturnsNull(size_t nmemb, size_t size) { |
| 293 scoped_ptr<char, base::FreeDeleter> array_pointer( | 293 scoped_ptr<char, base::FreeDeleter> array_pointer( |
| 294 static_cast<char*>(calloc(nmemb, size))); | 294 static_cast<char*>(calloc(nmemb, size))); |
| 295 // We need the call to HideValueFromCompiler(): we have seen LLVM | 295 // We need the call to HideValueFromCompiler(): we have seen LLVM |
| 296 // optimize away the call to calloc() entirely and assume | 296 // optimize away the call to calloc() entirely and assume the pointer to not |
| 297 // the pointer to not be NULL. | 297 // be NULL. |
| 298 return HideValueFromCompiler(array_pointer.get()) == NULL; | 298 return HideValueFromCompiler(array_pointer.get()) == NULL; |
| 299 } | 299 } |
| 300 | 300 |
| 301 // Test if calloc() can overflow. | 301 // Test if calloc() can overflow. |
| 302 TEST(SecurityTest, CallocOverflow) { | 302 TEST(SecurityTest, CallocOverflow) { |
| 303 const size_t kArraySize = 4096; | 303 const size_t kArraySize = 4096; |
| 304 const size_t kMaxSizeT = numeric_limits<size_t>::max(); | 304 const size_t kMaxSizeT = numeric_limits<size_t>::max(); |
| 305 const size_t kArraySize2 = kMaxSizeT / kArraySize + 10; | 305 const size_t kArraySize2 = kMaxSizeT / kArraySize + 10; |
| 306 if (!CallocDiesOnOOM()) { | 306 if (!CallocDiesOnOOM()) { |
| 307 EXPECT_TRUE(CallocReturnsNull(kArraySize, kArraySize2)); | 307 EXPECT_TRUE(CallocReturnsNull(kArraySize, kArraySize2)); |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 367 // kRandomMask, so we use it as an additional detection mechanism. | 367 // kRandomMask, so we use it as an additional detection mechanism. |
| 368 const uintptr_t kRandomMask = 0x3fffffffffffULL; | 368 const uintptr_t kRandomMask = 0x3fffffffffffULL; |
| 369 bool impossible_random_address = | 369 bool impossible_random_address = |
| 370 reinterpret_cast<uintptr_t>(ptr.get()) & ~kRandomMask; | 370 reinterpret_cast<uintptr_t>(ptr.get()) & ~kRandomMask; |
| 371 EXPECT_FALSE(impossible_random_address); | 371 EXPECT_FALSE(impossible_random_address); |
| 372 } | 372 } |
| 373 | 373 |
| 374 #endif // defined(OS_LINUX) && defined(__x86_64__) | 374 #endif // defined(OS_LINUX) && defined(__x86_64__) |
| 375 | 375 |
| 376 } // namespace | 376 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1124763003:
Update from https://crrev.com/327068 (Closed)
Base URL: git@github.com:domokit/mojo.git@master