* [Ada] Memory corruption when using formal hashed sets or maps
@ 2019-07-11 8:04 Pierre-Marie de Rodat
0 siblings, 0 replies; only message in thread
From: Pierre-Marie de Rodat @ 2019-07-11 8:04 UTC (permalink / raw)
To: gcc-patches; +Cc: Claire Dross
[-- Attachment #1: Type: text/plain, Size: 290 bytes --]
Add a check to avoid causing a buffer overflow when the map is empty
Tested on x86_64-pc-linux-gnu, committed on trunk
2019-07-11 Claire Dross <dross@adacore.com>
gcc/ada/
* libgnat/a-cfhama.adb, libgnat/a-cfhase.adb (Free): Do not
reset the Has_Element flag if no element is freed.
[-- Attachment #2: patch.diff --]
[-- Type: text/x-diff, Size: 858 bytes --]
--- gcc/ada/libgnat/a-cfhama.adb
+++ gcc/ada/libgnat/a-cfhama.adb
@@ -509,8 +509,11 @@ is
procedure Free (HT : in out Map; X : Count_Type) is
begin
- HT.Nodes (X).Has_Element := False;
- HT_Ops.Free (HT, X);
+ if X /= 0 then
+ pragma Assert (X <= HT.Capacity);
+ HT.Nodes (X).Has_Element := False;
+ HT_Ops.Free (HT, X);
+ end if;
end Free;
----------------------
--- gcc/ada/libgnat/a-cfhase.adb
+++ gcc/ada/libgnat/a-cfhase.adb
@@ -760,8 +760,11 @@ is
procedure Free (HT : in out Set; X : Count_Type) is
begin
- HT.Nodes (X).Has_Element := False;
- HT_Ops.Free (HT, X);
+ if X /= 0 then
+ pragma Assert (X <= HT.Capacity);
+ HT.Nodes (X).Has_Element := False;
+ HT_Ops.Free (HT, X);
+ end if;
end Free;
----------------------
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2019-07-11 8:04 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-11 8:04 [Ada] Memory corruption when using formal hashed sets or maps Pierre-Marie de Rodat
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).