author | Andrei Homescu <ahomescu@google.com> | 2024-05-23 10:08:05 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2024-05-23 10:11:38 -0700 |
commit | d3f967b6076d467b204dd23bf29bbc19996b9764 (patch) | |
tree | dfa5b6d58e03d5d994acb59cb378a78713c160ea | |
parent | 7fc80174e25e8bdb9b356de0eb56ddb7f6a7160a (diff) | |
https://github.com/llvm/llvm-project/pull/83493 slightly
changed the order of computation of block addresses and
pointers, causing the value of DefaultAlignedPtr to
include the MTE tag. Move this computation earlier so it
matches the old behavior.
This fixes a UBSan failure in Trusty:
secure os: UBSan: (overflow:-)
external/scudo/standalone/combined.h:1070:35
secure os: Details: unsigned integer overflow: 8988807738704 -
144124176883594576 cannot be represented in type 'uptr'
GitOrigin-RevId: b17d44558ba4c30a3005089b334f68593d6a9c7c
Change-Id: Ie86f195d79144e0539684a71dbedaa0c8b961729
-rw-r--r-- | standalone/combined.h | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/standalone/combined.h b/standalone/combined.h
index 15a199ae034..f9ed36581f8 100644
--- a/standalone/combined.h
+++ b/standalone/combined.h
@@ -1052,6 +1052,10 @@ private:
 void *Block, const uptr UserPtr, const uptr SizeOrUnusedBytes, const FillContentsMode FillContents) {
+ // Compute the default pointer before adding the header tag
+ const uptr DefaultAlignedPtr =
+ reinterpret_cast<uptr>(Block) + Chunk::getHeaderSize();
+
 Block = addHeaderTag(Block);
 // Only do content fill when it's from primary allocator because secondary
 // allocator has filled the content.
@@ -1064,8 +1068,6 @@ private:
 Chunk::UnpackedHeader Header = {};
- const uptr DefaultAlignedPtr =
- reinterpret_cast<uptr>(Block) + Chunk::getHeaderSize();
 if (UNLIKELY(DefaultAlignedPtr != UserPtr)) {
 const uptr Offset = UserPtr - DefaultAlignedPtr;
 DCHECK_GE(Offset, 2 * sizeof(u32));
@@ -1096,6 +1098,10 @@ private:
 const Options Options = Primary.Options.load();
 DCHECK(useMemoryTagging<AllocatorConfig>(Options));
+ // Compute the default pointer before adding the header tag
+ const uptr DefaultAlignedPtr =
+ reinterpret_cast<uptr>(Block) + Chunk::getHeaderSize();
+
 void *Ptr = reinterpret_cast<void *>(UserPtr);
 void *TaggedPtr = Ptr;
@@ -1194,8 +1200,6 @@ private:
 Chunk::UnpackedHeader Header = {};
- const uptr DefaultAlignedPtr =
- reinterpret_cast<uptr>(Block) + Chunk::getHeaderSize();
 if (UNLIKELY(DefaultAlignedPtr != UserPtr)) {
 const uptr Offset = UserPtr - DefaultAlignedPtr;
 DCHECK_GE(Offset, 2 * sizeof(u32)); |
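Review bot: Nothing in the first hunk asserts the ordering this fix restores: the guard further down is `DefaultAlignedPtr != UserPtr`, so a `DefaultAlignedPtr` larger than `UserPtr` (the tagged case in the UBSan report) still reaches `UserPtr - DefaultAlignedPtr`, and the wrapped `Offset` passes `DCHECK_GE(Offset, 2 * sizeof(u32))`. Adding `DCHECK_LE(DefaultAlignedPtr, UserPtr);` directly after the new declaration would make a future reordering fail in debug builds that are not run under UBSan. The same applies to the identical declaration added in the third hunk. Both functions begin and end outside the hunks, so how `Offset` is consumed afterwards is not visible here.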
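Review bot: The comment added in the third hunk says when the value is computed but not why, and the statement that tags `Block` is not visible in this hunk, while the use at `if (UNLIKELY(DefaultAlignedPtr != UserPtr))` sits about a hundred lines further down in the fourth hunk. I would state the invariant in the comment, for example `// Must use the untagged Block: with the MTE header tag included, UserPtr - DefaultAlignedPtr below wraps.` The same wording would suit the comment in the first hunk. This reading is inferred from the commit description; the enclosing function starts and ends outside the hunk.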