From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id ADB60384F027 for ; Tue, 14 Jun 2022 20:19:41 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org ADB60384F027 Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-627-4U0JWZh9OSWe9hbBLZNKGg-1; Tue, 14 Jun 2022 16:19:40 -0400 X-MC-Unique: 4U0JWZh9OSWe9hbBLZNKGg-1 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D155C29AA2EA; Tue, 14 Jun 2022 20:19:39 +0000 (UTC) Received: from localhost (unknown [10.33.36.159]) by smtp.corp.redhat.com (Postfix) with ESMTP id 990C9C50941; Tue, 14 Jun 2022 20:19:39 +0000 (UTC) From: Jonathan Wakely To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: [committed] libstdc++: Check for size overflow in constexpr allocation [PR105957] Date: Tue, 14 Jun 2022 21:19:38 +0100 Message-Id: <20220614201938.1030025-1-jwakely@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-13.1 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE, URI_HEX autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libstdc++@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libstdc++ mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2022 20:19:43 -0000 Tested powerpc64le-linux, pushed to trunk. -- >8 -- libstdc++-v3/ChangeLog: PR libstdc++/105957 * include/bits/allocator.h (allocator::allocate): Check for overflow in constexpr allocation. * testsuite/20_util/allocator/105975.cc: New test. --- libstdc++-v3/include/bits/allocator.h | 7 ++++++- .../testsuite/20_util/allocator/105975.cc | 18 ++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 libstdc++-v3/testsuite/20_util/allocator/105975.cc diff --git a/libstdc++-v3/include/bits/allocator.h b/libstdc++-v3/include/bits/allocator.h index ee1121b080a..aec0b374fd1 100644 --- a/libstdc++-v3/include/bits/allocator.h +++ b/libstdc++-v3/include/bits/allocator.h @@ -184,7 +184,12 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION allocate(size_t __n) { if (std::__is_constant_evaluated()) - return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp))); + { + if (__builtin_mul_overflow(__n, sizeof(_Tp), &__n)) + std::__throw_bad_array_new_length(); + return static_cast<_Tp*>(::operator new(__n)); + } + return __allocator_base<_Tp>::allocate(__n, 0); } diff --git a/libstdc++-v3/testsuite/20_util/allocator/105975.cc b/libstdc++-v3/testsuite/20_util/allocator/105975.cc new file mode 100644 index 00000000000..4342aeade04 --- /dev/null +++ b/libstdc++-v3/testsuite/20_util/allocator/105975.cc @@ -0,0 +1,18 @@ +// { dg-options "-std=gnu++20" } +// { dg-do compile { target c++20 } } + +// PR libstdc++/105957 + +#include + +consteval bool test_pr105957() +{ + std::allocator a; + auto n = std::size_t(-1) / (sizeof(long long) - 1); + auto p = a.allocate(n); // { dg-error "constexpr" } + a.deallocate(p, n); + return true; +} +static_assert( test_pr105957() ); + +// { dg-error "throw_bad_array_new_length" "" { target *-*-* } 0 } -- 2.34.3