[Gc] Re[2]: [bdwgc] Overflow fixes (#15)

Ivan Maidanski ivmai at mail.ru
Thu Mar 15 09:45:21 PST 2012


Hi Hans,

Applied both patches (plus your speed-up) to both branches.

BTW, I think we could do official releases next week (finally). I don't have any plans (nor any pending fixes) to modify the sources within the next several months.

My suggestion is to release tarballs both for final 7.2 and alpha 7.3 at the same time:
libatomic_ops-7.2;
gc7.2 (includes libatomic_ops);
libatomic_ops-7.3alpha2;
gc7.3alpha2.

What do you think? (I could bump the version and prepare the tarballs)

Regards.

Wed, 14 Mar 2012 22:35:00 +0000 "Boehm, Hans" <hans.boehm at hp.com>:
> Thanks.  In general, it's better to post such things to gc at linux.hpl.hp.com.  But this one is marginal, since there could possibly be a security issue here.
> 
> Ivan -
> 
> Can you apply these?
> 
> I'm not a great fan of the integer division on the calloc critical path.  Integer division is very slow in some environments.
> At the risk of obfuscation, could we do something like
> 
> # define SQRT_SIZE_MAX ((((size_t)1) << (WORDSZ/2)) - 1)
> 
> +    if ((lb | n) > SQRT_SIZE_MAX /* fast initial test */ && lb && n > SIZE_MAX / lb)
> +      return NULL;
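Review bot: the "if" line depends on SIZE_MAX, which is only provided by C99's <stdint.h>, so builds with older compilers need a fallback such as (~(size_t)0) defined next to SQRT_SIZE_MAX. The fast test is also only sound when SQRT_SIZE_MAX is a size_t value of at most 2^(WORDSZ/2) - 1, which is worth stating in a comment beside the condition.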
> 
> or perhaps define a macro to check for multiplication overflow that does this internally?
> 
> Hans
> 
> > -----Original Message-----
> > From: Xi Wang [mailto:reply+i-3656715-
> > 3be0d4399b3e852d4dcbc69c946e07937bccf3b4-1000362 at reply.github.com]
> > Sent: Wednesday, March 14, 2012 2:20 PM
> > To: Boehm, Hans
> > Subject: [bdwgc] Overflow fixes (#15)
> >
> > Hi,
> >
> > This fixes two integer overflows in GC_generic_malloc() and calloc(),
> > respectively, which could lead to buffer overflows.
> >
> >
> > You can merge this Pull Request by running:
> >
> >   git pull https://github.com/xiw/bdwgc overflow
> >
> > Or you can view, comment on it, or merge it online at:
> >
> >   https://github.com/ivmai/bdwgc/pull/15
> >
> > -- Commit Summary --
> >
> > * Fix calloc() overflow
> > * Fix overflow in GC_generic_malloc()
> >
> > -- File Changes --
> >
> > M malloc.c (10)
> >
> > -- Patch Links --
> >
> >   https://github.com/ivmai/bdwgc/pull/15.patch
> >   https://github.com/ivmai/bdwgc/pull/15.diff
> >
> > ---
> > Reply to this email directly or view it on GitHub:
> > https://github.com/ivmai/bdwgc/pull/15
> 
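The check sketched in the quoted message, written out as a stand-alone C example (added here; it is not code from bdwgc or from this thread). The ex_/EX_ names are hypothetical, EX_WORDSZ stands in for the collector's WORDSZ, and plain malloc() stands in for the collector's allocator.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Bits in size_t; stands in for the collector's WORDSZ (assumption). */
#define EX_WORDSZ (sizeof(size_t) * CHAR_BIT)
/* Largest value whose square still fits in size_t: 2^(WORDSZ/2) - 1. */
#define EX_SQRT_SIZE_MAX ((((size_t)1) << (EX_WORDSZ / 2)) - 1)

/* Returns 1 if n * lb does not fit in size_t, 0 otherwise.
 * If both operands are <= EX_SQRT_SIZE_MAX the product is at most
 * (2^(W/2) - 1)^2 < 2^W, so the division is reached only when at
 * least one operand has a bit set in its upper half. */
static int ex_mul_overflows(size_t n, size_t lb)
{
    if ((lb | n) <= EX_SQRT_SIZE_MAX)
        return 0;                          /* fast path, no division */
    return lb != 0 && n > SIZE_MAX / lb;   /* exact check */
}

/* calloc-style wrapper: refuse the request instead of letting n * lb
 * wrap to a small size that is then under-allocated and overrun. */
static void *ex_checked_calloc(size_t n, size_t lb)
{
    size_t total;
    void *p;

    if (ex_mul_overflows(n, lb))
        return NULL;
    total = n * lb;
    p = malloc(total ? total : 1);
    if (p != NULL)
        memset(p, 0, total);
    return p;
}

int main(void)
{
    /* Constructed sample requests: one ordinary, one that would wrap to 0. */
    void *p = ex_checked_calloc(16, 32);
    void *q = ex_checked_calloc(SIZE_MAX / 2 + 1, 2);
    int ok = (p != NULL) && (q == NULL);

    free(p);
    return ok ? 0 : 1;
}
```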


