diff options
| author | Hans <hzb153@gmail.com> | 2021-07-28 05:57:25 +0000 |
|---|---|---|
| committer | Austin Clements <austin@google.com> | 2021-09-02 13:45:48 +0000 |
| commit | 90ed541149c781a96b86060a7618f73dcf347f28 (patch) | |
| tree | 6bae0c9a2ae0b4c65d99d3fce5ca1d9b3a0a2f4b /src/runtime/mfixalloc.go | |
| parent | 69107e73cedb600187c5924247cdd0cf8f74070a (diff) | |
| download | go-90ed541149c781a96b86060a7618f73dcf347f28.tar.xz | |
runtime: ensure the fixalloc object size is valid
Usually, fixalloc is used to allocate small, persistent and reuseable
objects. The size is typically between range [sizeof(mlink), _FixAllocChunk].
It's rare for being out of the range. But if it did happen, we got a
hard-to-discover memory corruption. This commit prevents that situation by limiting object's size.
Change-Id: If6ef8b0831596464e0f55d09f79094b79ae08c66
GitHub-Last-Rev: cb8b1b01bbf452195f4f098d53cca74affc496ff
GitHub-Pull-Request: golang/go#47395
Reviewed-on: https://go-review.googlesource.com/c/go/+/337429
Reviewed-by: Austin Clements <austin@google.com>
Run-TryBot: Austin Clements <austin@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Cherry Mui <cherryyz@google.com>
Diffstat (limited to 'src/runtime/mfixalloc.go')
| -rw-r--r-- | src/runtime/mfixalloc.go | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/runtime/mfixalloc.go b/src/runtime/mfixalloc.go index 293c16b38b..a81139a389 100644 --- a/src/runtime/mfixalloc.go +++ b/src/runtime/mfixalloc.go @@ -50,6 +50,13 @@ type mlink struct { // Initialize f to allocate objects of the given size, // using the allocator to obtain chunks of memory. func (f *fixalloc) init(size uintptr, first func(arg, p unsafe.Pointer), arg unsafe.Pointer, stat *sysMemStat) { + if size > _FixAllocChunk { + throw("runtime: fixalloc size too large") + } + if min := unsafe.Sizeof(mlink{}); size < min { + size = min + } + f.size = size f.first = first f.arg = arg |