author | practicalswift <practicalswift@users.noreply.github.com> | 2019-01-06 16:38:32 +0100 |
---|---|---|
committer | practicalswift <practicalswift@users.noreply.github.com> | 2019-01-06 17:45:53 +0100 |
commit | ca126d490b0ff6960e135f3c77b2b2d4892a5744 (patch) | |
tree | f7255fed8ac1451d6438eb058f640cc58f0fe0a8 | |
parent | 9c719987718d9fcc3a689e50f5212acc7ead7606 (diff) |
Fix out-of-bounds write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked
-rw-r--r-- | src/support/allocators/secure.h | 6 | ||||
-rw-r--r-- | src/support/lockedpool.cpp | 3 | ||||
-rw-r--r-- | src/support/lockedpool.h | 2 |
3 files changed, 9 insertions, 2 deletions
diff --git a/src/support/allocators/secure.h b/src/support/allocators/secure.h
index 7cd0df135d..57f5b1f733 100644
--- a/src/support/allocators/secure.h
+++ b/src/support/allocators/secure.h
@@ -40,7 +40,11 @@ struct secure_allocator : public std::allocator<T> {
 T* allocate(std::size_t n, const void* hint = 0) {
- return static_cast<T*>(LockedPoolManager::Instance().alloc(sizeof(T) * n));
+ T* allocation = static_cast<T*>(LockedPoolManager::Instance().alloc(sizeof(T) * n));
+ if (!allocation) {
+ throw std::bad_alloc();
+ }
+ return allocation;
 }
 void deallocate(T* p, std::size_t n)
diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp
index 8d577cf521..627018083e 100644
--- a/src/support/lockedpool.cpp
+++ b/src/support/lockedpool.cpp
@@ -248,6 +248,9 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
 void *addr;
 len = align_up(len, page_size);
 addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+ if (addr == MAP_FAILED) {
+ return nullptr;
+ }
 if (addr) {
 *lockingSuccess = mlock(addr, len) == 0;
 }
diff --git a/src/support/lockedpool.h b/src/support/lockedpool.h
index 48ffd7b307..b420c909fc 100644
--- a/src/support/lockedpool.h
+++ b/src/support/lockedpool.h
@@ -22,7 +22,7 @@ public:
 virtual ~LockedPageAllocator() {}
 /** Allocate and lock memory pages.
 * If len is not a multiple of the system page size, it is rounded up.
- * Returns 0 in case of allocation failure.
+ * Returns nullptr in case of allocation failure.
 *
 * If locking the memory pages could not be accomplished it will still
 * return the memory, however the lockingSuccess flag will be false. |
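Review bot: The byte count passed to `alloc` in `secure_allocator::allocate` is computed as `sizeof(T) * n` with no overflow check, so a very large `n` can wrap to a small size and the new null check will not catch it, because the pool may then succeed with a buffer smaller than the caller expects. A guard ahead of the multiplication would close that, e.g. `if (n > std::numeric_limits<std::size_t>::max() / sizeof(T)) throw std::bad_alloc();` (this needs `<limits>`). Whether `LockedPoolManager::alloc` rejects oversized requests on its own is not visible here. The added `throw std::bad_alloc()` also relies on `<new>` being included, which the hunk does not show; the enclosing struct starts and ends outside the hunk.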
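Review bot: The new early return in `PosixLockedPageAllocator::AllocateLocked` leaves `*lockingSuccess` unwritten when mmap fails, so a caller that reads the flag without first checking for nullptr would see whatever value it held before the call. Writing it on that path, `*lockingSuccess = false;` just before `return nullptr;`, makes the failure state explicit. With the MAP_FAILED case handled, the following `if (addr)` test looks redundant for this anonymous, non-fixed mapping and could be dropped or marked with a comment such as `// defensive: mmap failure is handled above`. How the caller initialises and consumes the flag is outside this hunk, as are the start and end of the function body.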