From: Jonathan Wakely <jwakely@redhat.com>
To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org
Subject: [committed] libstdc++: Check for size overflow in constexpr allocation [PR105957]
Date: Tue, 14 Jun 2022 21:19:38 +0100 [thread overview]
Message-ID: <20220614201938.1030025-1-jwakely@redhat.com> (raw)
Tested powerpc64le-linux, pushed to trunk.
-- >8 --
libstdc++-v3/ChangeLog:
PR libstdc++/105957
* include/bits/allocator.h (allocator::allocate): Check for
overflow in constexpr allocation.
* testsuite/20_util/allocator/105975.cc: New test.
---
libstdc++-v3/include/bits/allocator.h | 7 ++++++-
.../testsuite/20_util/allocator/105975.cc | 18 ++++++++++++++++++
2 files changed, 24 insertions(+), 1 deletion(-)
create mode 100644 libstdc++-v3/testsuite/20_util/allocator/105975.cc
diff --git a/libstdc++-v3/include/bits/allocator.h b/libstdc++-v3/include/bits/allocator.h
index ee1121b080a..aec0b374fd1 100644
--- a/libstdc++-v3/include/bits/allocator.h
+++ b/libstdc++-v3/include/bits/allocator.h
@@ -184,7 +184,12 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
allocate(size_t __n)
{
if (std::__is_constant_evaluated())
- return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp)));
+ {
+ if (__builtin_mul_overflow(__n, sizeof(_Tp), &__n))
+ std::__throw_bad_array_new_length();
+ return static_cast<_Tp*>(::operator new(__n));
+ }
+
return __allocator_base<_Tp>::allocate(__n, 0);
}
diff --git a/libstdc++-v3/testsuite/20_util/allocator/105975.cc b/libstdc++-v3/testsuite/20_util/allocator/105975.cc
new file mode 100644
index 00000000000..4342aeade04
--- /dev/null
+++ b/libstdc++-v3/testsuite/20_util/allocator/105975.cc
@@ -0,0 +1,18 @@
+// { dg-options "-std=gnu++20" }
+// { dg-do compile { target c++20 } }
+
+// PR libstdc++/105957
+
+#include <memory>
+
+consteval bool test_pr105957()
+{
+ std::allocator<long long> a;
+ auto n = std::size_t(-1) / (sizeof(long long) - 1);
+ auto p = a.allocate(n); // { dg-error "constexpr" }
+ a.deallocate(p, n);
+ return true;
+}
+static_assert( test_pr105957() );
+
+// { dg-error "throw_bad_array_new_length" "" { target *-*-* } 0 }
--
2.34.3
reply other threads:[~2022-06-14 20:19 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220614201938.1030025-1-jwakely@redhat.com \
--to=jwakely@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=libstdc++@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).