| Index: third_party/tcmalloc/chromium/src/common.cc
|
| diff --git a/third_party/tcmalloc/chromium/src/common.cc b/third_party/tcmalloc/chromium/src/common.cc
|
| index 5a55b3908391666703e11c00afc45536f92a4faf..4098431162a9ed567b1338f269f3bc040ca0728a 100644
|
| --- a/third_party/tcmalloc/chromium/src/common.cc
|
| +++ b/third_party/tcmalloc/chromium/src/common.cc
|
| @@ -38,8 +38,19 @@
|
| #include <unistd.h> // for getpagesize
|
| #endif
|
|
|
| +#include <limits>
|
| +
|
| namespace tcmalloc {
|
|
|
| +bool IsContiguousAllocSizePermitted(size_t alloc_size) {
|
| + // Never allow an allocation of a contiguous area larger than what can
|
| + // be indexed via an int. This is meant as a security mitigation, see
|
| + // crbug.com/169369 for more background.
|
| +
|
| + // Remove kPageSize to account for various rounding.
|
| + return alloc_size <= (std::numeric_limits<int>::max() - kPageSize);
|
| +}
|
| +
|
| // Note: the following only works for "n"s that fit in 32-bits, but
|
| // that is fine since we only use it for small sizes.
|
| static inline int LgFloor(size_t n) {
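Review bot: The bound in `IsContiguousAllocSizePermitted` compares a `size_t` argument against `std::numeric_limits<int>::max() - kPageSize`, so the arithmetic and the comparison depend on the type of `kPageSize`, which is declared outside this hunk. Making the conversion explicit keeps the security limit unambiguous, e.g. `return alloc_size <= static_cast<size_t>(std::numeric_limits<int>::max()) - kPageSize;`. The comment "account for various rounding" does not say which rounding the one-page margin absorbs, nor whether callers must pass the requested byte count before or after it is rounded up to pages. Since this is a mitigation, I would spell that contract out in the comment so a later caller cannot apply the check to an already-wrapped value. Only the definition is visible here; the check is effective only if every contiguous-allocation path consults it before doing any size arithmetic, which should be confirmed against the call sites.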
|
|
|