public inbox for libffi-discuss@sourceware.org
* [PATCH] Don't replace avalue with stack memory
@ 2010-05-11  2:32 Makoto Kato
From: Makoto Kato @ 2010-05-11  2:32 UTC (permalink / raw)
  To: libffi-discuss


Hi, folks.

ffi_call may override avalue when the type is a structure or long double.
When overriding it, ffi_call doesn't restore it.  The caller doesn't
know whether it is on the stack or on the heap, so this may cause heap
corruption.

I think that it is unnecessary to replace it with stack memory by
alloca().  If needed, we should restore avalue.

This is Win64 implementation only.


-- 
Makoto Kato <m_kato@ga2.so-net.ne.jp>

[-- Attachment #2: 0001-PATCH-Don-t-replace-avalue-with-stack-memory.patch --]

From fcd73b86e064e349e5c75c691efd97f4289d20a2 Mon Sep 17 00:00:00 2001
From: Makoto Kato <m_kato@ga2.so-net.ne.jp>
Date: Mon, 10 May 2010 20:07:52 +0900
Subject: [PATCH] Don't replace avalue with stack memory

ffi_call may override avalue when the type is a structure or long double.
When overriding it, ffi_call doesn't restore it.  The caller doesn't know
whether it is on the stack or on the heap, so this may cause heap corruption.

I think that it is unnecessary to replace it with stack memory by alloca().
---
 src/x86/ffi.c |   23 ++---------------------
 1 files changed, 2 insertions(+), 21 deletions(-)

diff --git a/src/x86/ffi.c b/src/x86/ffi.c
index 69a4dcd..01a2bd6 100644
--- a/src/x86/ffi.c
+++ b/src/x86/ffi.c
@@ -291,27 +291,8 @@ void ffi_call(ffi_cif *cif, void (*fn)(void), void *rvalue, void **avalue)
     {
 #ifdef X86_WIN64
     case FFI_WIN64:
-      {
-        /* Make copies of all struct arguments
-           NOTE: not sure if responsibility should be here or in caller */
-        unsigned int i;
-        for (i=0; i < cif->nargs;i++) {
-          size_t size = cif->arg_types[i]->size;
-          if ((cif->arg_types[i]->type == FFI_TYPE_STRUCT
-               && (size != 1 && size != 2 && size != 4 && size != 8))
-#if FFI_TYPE_LONGDOUBLE != FFI_TYPE_DOUBLE
-              || cif->arg_types[i]->type == FFI_TYPE_LONGDOUBLE
-#endif
-              )
-            {
-              void *local = alloca(size);
-              memcpy(local, avalue[i], size);
-              avalue[i] = local;
-            }
-        }
-        ffi_call_win64(ffi_prep_args, &ecif, cif->bytes,
-                       cif->flags, ecif.rvalue, fn);
-      }
+      ffi_call_win64(ffi_prep_args, &ecif, cif->bytes,
+                     cif->flags, ecif.rvalue, fn);
       break;
 #elif defined(X86_WIN32)
     case FFI_SYSV:
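Review bot: dropping the whole loop also drops the by-value copy for large struct and long double arguments, not just the write-back into the caller's array. Judging by the size test `size != 1 && size != 2 && size != 4 && size != 8`, the loop copied exactly the arguments that are handed to the callee by reference, so with only `ffi_call_win64(ffi_prep_args, &ecif, cif->bytes, cif->flags, ecif.rvalue, fn)` left, a callee that writes into such an argument now modifies the caller's own buffer; the commit message should state that this is acceptable, or point to where the copy now happens. If the copies are still needed, the pointer problem the commit describes can be fixed without losing them: copy the pointer array itself into a local `void **` (e.g. `alloca(cif->nargs * sizeof(void *))`), store the alloca'd copies in that local array, and pass it to `ffi_call_win64` instead of writing into `avalue[i]`, so the caller's array is never modified.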
-- 
1.6.6.1
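The hazard the message describes, a trampoline writing alloca'd pointers back into a caller-owned argument array, and the alternative of copying into a private pointer array, as an added C illustration that is not libffi code. The struct type, the callee, `call_buggy` and `call_fixed` are constructed stand-ins for ffi_call's argument handling, and the example assumes a glibc-style `<alloca.h>`.

```c
#include <alloca.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for an argument that is passed by reference
   (a 16-byte struct, i.e. a size the removed loop would have copied). */
typedef struct { long long a, b; } big_t;

/* Constructed "callee": reads its argument and then overwrites it. */
static long long callee_sum_and_clobber(big_t *arg) {
    long long s = arg->a + arg->b;
    arg->a = -1;
    arg->b = -1;
    return s;
}

/* The pattern the patch removes: private copies are made, but the caller's
   avalue[i] is overwritten with a pointer into this function's stack frame
   and never restored. Once we return, avalue[i] dangles. */
static long long call_buggy(void **avalue, size_t nargs, const size_t *sizes) {
    for (size_t i = 0; i < nargs; i++) {
        void *local = alloca(sizes[i]);
        memcpy(local, avalue[i], sizes[i]);
        avalue[i] = local;              /* caller-owned slot now points at our stack */
    }
    return callee_sum_and_clobber((big_t *)avalue[0]);
}

/* Hardened alternative: copy the pointer array itself, so the callee still
   gets private copies (by-value semantics) while the caller's avalue and
   the buffers it points to are left exactly as they were. */
static long long call_fixed(void **avalue, size_t nargs, const size_t *sizes) {
    void **local_avalue = alloca(nargs * sizeof(void *));
    for (size_t i = 0; i < nargs; i++) {
        local_avalue[i] = alloca(sizes[i]);
        memcpy(local_avalue[i], avalue[i], sizes[i]);
    }
    return callee_sum_and_clobber((big_t *)local_avalue[0]);
}

/* Returns 1 if the fixed path preserves both the caller's pointer array and
   the caller's argument data, so free(avalue[0]) afterwards is still valid. */
int demo_fixed_preserves_caller_state(void) {
    big_t *arg = malloc(sizeof *arg);
    if (!arg) return 0;
    arg->a = 2;
    arg->b = 3;
    void *avalue[1] = { arg };
    size_t sizes[1] = { sizeof *arg };
    long long sum = call_fixed(avalue, 1, sizes);
    int ok = (sum == 5) && (avalue[0] == arg) && (arg->a == 2) && (arg->b == 3);
    free(avalue[0]);                    /* safe: still the heap block we allocated */
    return ok;
}

/* Returns 1 if the buggy path left avalue[0] pointing somewhere other than the
   caller's heap block. A caller that did free(avalue[0]) at this point would
   hand a stack address to free(), the corruption the message warns about. */
int demo_buggy_leaves_dangling_pointer(void) {
    big_t *arg = malloc(sizeof *arg);
    if (!arg) return 0;
    arg->a = 2;
    arg->b = 3;
    void *avalue[1] = { arg };
    size_t sizes[1] = { sizeof *arg };
    long long sum = call_buggy(avalue, 1, sizes);
    int dangling = (sum == 5) && (avalue[0] != arg);
    free(arg);                          /* free through the pointer we kept, not avalue[0] */
    return dangling;
}

int main(void) {
    printf("fixed path keeps caller state: %s\n",
           demo_fixed_preserves_caller_state() ? "yes" : "no");
    printf("buggy path replaces caller's pointer: %s\n",
           demo_buggy_leaves_dangling_pointer() ? "yes" : "no");
    return 0;
}
```

The two demos differ only in which array the alloca'd copies are stored into; keeping the copies in a private pointer array is what lets the caller free its own buffers afterwards while the callee still cannot write into them.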


