diff options
| author | Khem Raj <raj.khem@gmail.com> | 2020-11-08 16:02:15 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-11-11 10:08:12 +0000 |
| commit | 4f62a09c6ecf5f7abd72712fdd7dcdb8455a1b8a (patch) | |
| tree | 618857d0fb97b56e9923400305ad9bf9b9fbc860 | |
| parent | c55b6ce9ed74fc11e97a8ab27b12fd33c0cf77be (diff) | |
| download | poky-4f62a09c6ecf5f7abd72712fdd7dcdb8455a1b8a.tar.gz | |
puzzles: Check for excessive constant arguments
Fixes an issue found with LTO builds
(From OE-Core rev: 4698e7868b34f6d0676842340659fb3a5f58d532)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-sato/puzzles/files/0001-malloc-Check-for-excessive-values-to-malloc.patch | 49 | ||||
| -rw-r--r-- | meta/recipes-sato/puzzles/puzzles_git.bb | 1 |
2 files changed, 50 insertions, 0 deletions
diff --git a/meta/recipes-sato/puzzles/files/0001-malloc-Check-for-excessive-values-to-malloc.patch b/meta/recipes-sato/puzzles/files/0001-malloc-Check-for-excessive-values-to-malloc.patch new file mode 100644 index 0000000000..66af6afa2f --- /dev/null +++ b/meta/recipes-sato/puzzles/files/0001-malloc-Check-for-excessive-values-to-malloc.patch | |||
| @@ -0,0 +1,49 @@ | |||
| 1 | From 1c01a5bc9ac7f8aaa484b1a8e0e74aa5f8899d0e Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Khem Raj <raj.khem@gmail.com> | ||
| 3 | Date: Sun, 8 Nov 2020 11:17:59 -0800 | ||
| 4 | Subject: [PATCH] malloc: Check for excessive values to malloc | ||
| 5 | |||
| 6 | with whole program optimizers like lto smalloc() | ||
| 7 | is inlined the excessive constant argument is propagated to | ||
| 8 | malloc() and ultimately triggers the warning. | ||
| 9 | |||
| 10 | malloc.c:15:9: error: argument 1 range [18446744065119617024, 18446744073709551580] exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=] | ||
| 11 | |||
| 12 | therefore add a check before excessive constant argument before calling | ||
| 13 | malloc | ||
| 14 | |||
| 15 | Note that this will not happen with normal compile since they happen to | ||
| 16 | be in different translation units and compiler can not semantically | ||
| 17 | analyze as much | ||
| 18 | |||
| 19 | Upstream-Status: Pending | ||
| 20 | |||
| 21 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
| 22 | --- | ||
| 23 | malloc.c | 3 +++ | ||
| 24 | 1 file changed, 3 insertions(+) | ||
| 25 | |||
| 26 | diff --git a/malloc.c b/malloc.c | ||
| 27 | index a7fa7c5..520377c 100644 | ||
| 28 | --- a/malloc.c | ||
| 29 | +++ b/malloc.c | ||
| 30 | @@ -2,6 +2,7 @@ | ||
| 31 | * malloc.c: safe wrappers around malloc, realloc, free, strdup | ||
| 32 | */ | ||
| 33 | |||
| 34 | +#include <stdint.h> | ||
| 35 | #include <stdlib.h> | ||
| 36 | #include <string.h> | ||
| 37 | #include "puzzles.h" | ||
| 38 | @@ -12,6 +13,8 @@ | ||
| 39 | */ | ||
| 40 | void *smalloc(size_t size) { | ||
| 41 | void *p; | ||
| 42 | + if (size > PTRDIFF_MAX) | ||
| 43 | + fatal("exceeds maximum object size"); | ||
| 44 | p = malloc(size); | ||
| 45 | if (!p) | ||
| 46 | fatal("out of memory"); | ||
| 47 | -- | ||
| 48 | 2.29.2 | ||
| 49 | |||
diff --git a/meta/recipes-sato/puzzles/puzzles_git.bb b/meta/recipes-sato/puzzles/puzzles_git.bb index a0f3b5d9cd..8e4d5b3349 100644 --- a/meta/recipes-sato/puzzles/puzzles_git.bb +++ b/meta/recipes-sato/puzzles/puzzles_git.bb | |||
| @@ -14,6 +14,7 @@ SRC_URI = "git://git.tartarus.org/simon/puzzles.git \ | |||
| 14 | file://0001-Use-Wno-error-format-overflow-if-the-compiler-suppor.patch \ | 14 | file://0001-Use-Wno-error-format-overflow-if-the-compiler-suppor.patch \ |
| 15 | file://0001-pattern.c-Change-string-lenght-parameter-to-be-size_.patch \ | 15 | file://0001-pattern.c-Change-string-lenght-parameter-to-be-size_.patch \ |
| 16 | file://fix-ki-uninitialized.patch \ | 16 | file://fix-ki-uninitialized.patch \ |
| 17 | file://0001-malloc-Check-for-excessive-values-to-malloc.patch \ | ||
| 17 | " | 18 | " |
| 18 | 19 | ||
| 19 | UPSTREAM_CHECK_COMMITS = "1" | 20 | UPSTREAM_CHECK_COMMITS = "1" |