1 |
commit: 335e3c30ebd98959a53c22b12b17f907d7def48c |
2 |
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Nov 26 08:41:47 2015 +0000 |
4 |
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Nov 26 08:41:47 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=335e3c30 |
7 |
|
8 |
xarray: move ele update to after bounds check |
9 |
|
10 |
Even though we don't use the loaded ele value until after we check |
11 |
the bounds of the counter, it makes ASAN unhappy, and might cause |
12 |
a load of invalid memory. |
13 |
|
14 |
URL: https://bugs.gentoo.org/553368 |
15 |
Reported-by: Hanno Boeck <hanno <AT> gentoo.org> |
16 |
|
17 |
xfuncs.h | 8 ++++++-- |
18 |
1 file changed, 6 insertions(+), 2 deletions(-) |
19 |
|
20 |
diff --git a/xfuncs.h b/xfuncs.h |
21 |
index 82f5da0..61577ec 100644 |
22 |
--- a/xfuncs.h |
23 |
+++ b/xfuncs.h |
24 |
@@ -27,10 +27,14 @@ void xarraypush(array_t *array, const void *ele, size_t ele_len); |
25 |
#define xarraypush_str(arr, ele) xarraypush(arr, ele, strlen(ele) + 1 /*NUL*/) |
26 |
void xarrayfree(array_t *array); |
27 |
#define xrealloc_array(ptr, size, ele_size) xrealloc(ptr, (size) * (ele_size)) |
28 |
+/* The assignment after the check is unfortunate as we do a non-NULL check (we |
29 |
+ * already do not permit pushing of NULL pointers), but we can't put it in the |
30 |
+ * increment phase as that will cause a load beyond the bounds of valid memory. |
31 |
+ */ |
32 |
#define array_for_each(arr, n, ele) \ |
33 |
for (n = 0, ele = array_cnt(arr) ? arr->eles[n] : NULL; \ |
34 |
- n < array_cnt(arr); \ |
35 |
- ele = arr->eles[++n]) |
36 |
+ n < array_cnt(arr) && (ele = arr->eles[n]); \ |
37 |
+ ++n) |
38 |
#define array_init_decl { .eles = NULL, .num = 0, } |
39 |
#define array_cnt(arr) (arr)->num |
40 |
char *array_flatten_str(array_t *array); |