[committed] libstdc++: Check for size overflow in constexpr allocation [PR105957]

public inbox for libstdc++@gcc.gnu.org
 help / color / mirror / Atom feed

* [committed] libstdc++: Check for size overflow in constexpr allocation [PR105957]
@ 2022-06-14 20:19 Jonathan Wakely
  0 siblings, 0 replies; only message in thread
From: Jonathan Wakely @ 2022-06-14 20:19 UTC (permalink / raw)
  To: libstdc++, gcc-patches

Tested powerpc64le-linux, pushed to trunk.

-- >8 --

libstdc++-v3/ChangeLog:

	PR libstdc++/105957
	* include/bits/allocator.h (allocator::allocate): Check for
	overflow in constexpr allocation.
	* testsuite/20_util/allocator/105975.cc: New test.
---
 libstdc++-v3/include/bits/allocator.h          |  7 ++++++-
 .../testsuite/20_util/allocator/105975.cc      | 18 ++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 libstdc++-v3/testsuite/20_util/allocator/105975.cc

diff --git a/libstdc++-v3/include/bits/allocator.h b/libstdc++-v3/include/bits/allocator.h
index ee1121b080a..aec0b374fd1 100644
--- a/libstdc++-v3/include/bits/allocator.h
+++ b/libstdc++-v3/include/bits/allocator.h
@@ -184,7 +184,12 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
       allocate(size_t __n)
       {
 	if (std::__is_constant_evaluated())
-	  return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp)));
+	  {
+	    if (__builtin_mul_overflow(__n, sizeof(_Tp), &__n))
+	      std::__throw_bad_array_new_length();
+	    return static_cast<_Tp*>(::operator new(__n));
+	  }
+
 	return __allocator_base<_Tp>::allocate(__n, 0);
       }
 
diff --git a/libstdc++-v3/testsuite/20_util/allocator/105975.cc b/libstdc++-v3/testsuite/20_util/allocator/105975.cc
new file mode 100644
index 00000000000..4342aeade04
--- /dev/null
+++ b/libstdc++-v3/testsuite/20_util/allocator/105975.cc
@@ -0,0 +1,18 @@
+// { dg-options "-std=gnu++20" }
+// { dg-do compile { target c++20 } }
+
+// PR libstdc++/105957
+
+#include <memory>
+
+consteval bool test_pr105957()
+{
+  std::allocator<long long> a;
+  auto n = std::size_t(-1) / (sizeof(long long) - 1);
+  auto p = a.allocate(n); // { dg-error "constexpr" }
+  a.deallocate(p, n);
+  return true;
+}
+static_assert( test_pr105957() );
+
+// { dg-error "throw_bad_array_new_length" "" { target *-*-* } 0 }
-- 
2.34.3


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-06-14 20:19 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-14 20:19 [committed] libstdc++: Check for size overflow in constexpr allocation [PR105957] Jonathan Wakely

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).