diff options
author | Jonathan Wakely <jwakely@redhat.com> | 2022-06-14 14:37:25 +0100 |
---|---|---|
committer | Jonathan Wakely <jwakely@redhat.com> | 2022-06-14 21:07:47 +0100 |
commit | 0a9af7b4ef1b8aa85cc8820acf54d41d1569fc10 (patch) | |
tree | 8bf40c0d45908561bf164ca1224fd892a27fd4be | |
parent | 3e16b4359e86b36676ed01219e6deafa95f3c16b (diff) | |
download | gcc-0a9af7b4ef1b8aa85cc8820acf54d41d1569fc10.zip gcc-0a9af7b4ef1b8aa85cc8820acf54d41d1569fc10.tar.gz gcc-0a9af7b4ef1b8aa85cc8820acf54d41d1569fc10.tar.bz2 |
libstdc++: Check for size overflow in constexpr allocation [PR105957]
libstdc++-v3/ChangeLog:
PR libstdc++/105957
* include/bits/allocator.h (allocator::allocate): Check for
overflow in constexpr allocation.
* testsuite/20_util/allocator/105975.cc: New test.
-rw-r--r-- | libstdc++-v3/include/bits/allocator.h | 7 | ||||
-rw-r--r-- | libstdc++-v3/testsuite/20_util/allocator/105975.cc | 18 |
2 files changed, 24 insertions, 1 deletions
diff --git a/libstdc++-v3/include/bits/allocator.h b/libstdc++-v3/include/bits/allocator.h index ee1121b..aec0b37 100644 --- a/libstdc++-v3/include/bits/allocator.h +++ b/libstdc++-v3/include/bits/allocator.h @@ -184,7 +184,12 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION allocate(size_t __n) { if (std::__is_constant_evaluated()) - return static_cast<_Tp*>(::operator new(__n * sizeof(_Tp))); + { + if (__builtin_mul_overflow(__n, sizeof(_Tp), &__n)) + std::__throw_bad_array_new_length(); + return static_cast<_Tp*>(::operator new(__n)); + } + return __allocator_base<_Tp>::allocate(__n, 0); } diff --git a/libstdc++-v3/testsuite/20_util/allocator/105975.cc b/libstdc++-v3/testsuite/20_util/allocator/105975.cc new file mode 100644 index 0000000..4342aea --- /dev/null +++ b/libstdc++-v3/testsuite/20_util/allocator/105975.cc @@ -0,0 +1,18 @@ +// { dg-options "-std=gnu++20" } +// { dg-do compile { target c++20 } } + +// PR libstdc++/105957 + +#include <memory> + +consteval bool test_pr105957() +{ + std::allocator<long long> a; + auto n = std::size_t(-1) / (sizeof(long long) - 1); + auto p = a.allocate(n); // { dg-error "constexpr" } + a.deallocate(p, n); + return true; +} +static_assert( test_pr105957() ); + +// { dg-error "throw_bad_array_new_length" "" { target *-*-* } 0 } |