[Gc] RE: Re[2]: [bdwgc] Overflow fixes (#15)

Boehm, Hans hans.boehm at hp.com
Thu Mar 15 14:28:25 PST 2012


That sounds great to me.

Hans

> -----Original Message-----
> From: Ivan Maidanski [mailto:ivmai at mail.ru]
> Sent: Thursday, March 15, 2012 10:45 AM
> To: Boehm, Hans
> Cc: gc at linux.hpl.hp.com
> Subject: Re[2]: [bdwgc] Overflow fixes (#15)
> 
> Hi Hans,
> 
> Applied both patches (plus your speed-up) to both branches.
> 
> BTW. I think we could do official releases next week (finally). I don't
> have any plan (nor have any pending fixes) to modify sources within
> next several months.
> 
> My suggestion is to release tarballs both for final 7.2 and alpha 7.3
> at the same time:
> libatomic_ops-7.2;
> gc7.2 (includes libatomic_ops);
> libatomic_ops-7.3alpha2;
> gc7.3alpha2.
> 
> What do you think? (I could bump the version and prepare the tarballs)
> 
> Regards.
> 
> Wed, 14 Mar 2012 22:35:00 +0000 "Boehm, Hans" <hans.boehm at hp.com>:
> > Thanks.  In general, it's better to post such things to
> > gc at linux.hpl.hp.com.  But this one is marginal, since there could
> > possibly be a security issue here.
> >
> > Ivan -
> >
> > Can you apply these?
> >
> > I'm not a great fan of the integer division on the calloc critical
> > path.  Integer division is very slow in some environments.
> > At the risk of obfuscation, could we do something like
> >
> > # define SQRT_SIZE_MAX (1 << (WORDSZ/2) - 1)
> >
> > +    if ((lb | n) > SQRT_SIZE_MAX /* fast initial test */ && lb && n
> > SIZE_MAX / lb)
> > +      return NULL;
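Review bot: In the SQRT_SIZE_MAX definition, `1 << (WORDSZ/2) - 1` parses as `1 << ((WORDSZ/2) - 1)` because binary minus binds tighter than the shift, so the macro is a single bit rather than the half-word mask the name implies. The literal 1 also has type int, so with a 32-bit int and a 64-bit word this shifts into the sign bit before the comparison against a size_t expression. Suggest `(((size_t)1 << (WORDSZ/2)) - 1)`, fully parenthesized. With that bound, a false `(lb | n) > SQRT_SIZE_MAX` means both operands fit in half a word and the product cannot overflow, so the division runs only on the rare slow path. Note also that the condition was line-wrapped in quoting: the `>` that begins the continuation line is the comparison in `n > SIZE_MAX / lb`, not a quote marker, and the `lb &&` test must stay ahead of it to guard the division by zero.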
> >
> > or perhaps define a macro to check for multiplication overflow that
> > does this internally?
> >
> > Hans
> >
> > > -----Original Message-----
> > > From: Xi Wang [mailto:reply+i-3656715-
> > > 3be0d4399b3e852d4dcbc69c946e07937bccf3b4-1000362 at reply.github.com]
> > > Sent: Wednesday, March 14, 2012 2:20 PM
> > > To: Boehm, Hans
> > > Subject: [bdwgc] Overflow fixes (#15)
> > >
> > > Hi,
> > >
> > > This fixes two integer overflows in GC_generic_malloc() and
> > > calloc(), respectively, which could lead to buffer overflows.
> > >
> > >
> > > You can merge this Pull Request by running:
> > >
> > >   git pull https://github.com/xiw/bdwgc overflow
> > >
> > > Or you can view, comment on it, or merge it online at:
> > >
> > >   https://github.com/ivmai/bdwgc/pull/15
> > >
> > > -- Commit Summary --
> > >
> > > * Fix calloc() overflow
> > > * Fix overflow in GC_generic_malloc()
> > >
> > > -- File Changes --
> > >
> > > M malloc.c (10)
> > >
> > > -- Patch Links --
> > >
> > >   https://github.com/ivmai/bdwgc/pull/15.patch
> > >   https://github.com/ivmai/bdwgc/pull/15.diff
> > >
> > > ---
> > > Reply to this email directly or view it on GitHub:
> > > https://github.com/ivmai/bdwgc/pull/15
> >
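
The multiplication-overflow check with a division-free fast path that the thread discusses, as an added C example that is not part of the original messages or the bdwgc source. The names `mul_overflows` and `checked_calloc` are hypothetical, and the half-word bound is derived from `sizeof(size_t)` instead of the `WORDSZ` macro.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Largest value that fits in the low half of a size_t. If both operands
   are <= this bound, their product fits in a size_t. */
#define HALF_BITS     (sizeof(size_t) * CHAR_BIT / 2)
#define SQRT_SIZE_MAX (((size_t)1 << HALF_BITS) - 1)

/* Returns 1 if n * lb would exceed SIZE_MAX, 0 otherwise. */
static int mul_overflows(size_t n, size_t lb)
{
    /* Fast path: OR-ing the operands exposes any bit set in the upper
       half of either one, so small requests never reach the division. */
    if ((n | lb) <= SQRT_SIZE_MAX)
        return 0;
    /* Slow path, rare: exact test; lb != 0 guards the division. */
    return lb != 0 && n > SIZE_MAX / lb;
}

/* Hypothetical calloc-style wrapper (assumption: not bdwgc's calloc). */
static void *checked_calloc(size_t n, size_t lb)
{
    if (mul_overflows(n, lb))
        return NULL;          /* refuse instead of allocating a short buffer */
    return calloc(n, lb);
}

int main(void)
{
    /* Constructed inputs: one ordinary request, one whose product wraps. */
    void *ok = checked_calloc(4, 8);
    void *bad = checked_calloc(SIZE_MAX / 2 + 1, 2);
    printf("small request: %s\n", ok ? "allocated" : "refused");
    printf("wrapping request: %s\n", bad ? "allocated" : "refused");
    free(ok);
    free(bad);
    return 0;
}
```

Without the check, the second request's size would wrap to 0 and the caller would index far past a tiny allocation.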


