RFR: 8296496: Overzealous check in sizecalc.h prevents large memory allocation
Aleksei Ivanov
alexey.ivanov at oracle.com
Tue Nov 8 16:15:38 UTC 2022
Hi Patrick,
It is the reason why it should be updated. The checks in
IS_SAFE_STRUCT_SIZE are performed with the cast: (size_t)(a). If the
cast is omitted here, it may yield a different result.
What if ‘a’ is a signed integer with negative value?
Regards,
Alexey
On 08/11/2022 15:25, Patrick Chen wrote:
> But you forgot that (IS_SAFE_STRUCT_SIZE((a), (m), (n)) ?
> ((func)((a) + (size_t)(m) * (size_t)(n))) : FAILURE_RESULT) is not
> equivalent to (IS_SAFE_STRUCT_SIZE((a), (m), (n)) ?
> ((func)((size_t)(a) + (size_t)(m) * (size_t)(n))) : FAILURE_RESULT)
> because of the ((func)((size_t)(a) + (size_t)(m) * (size_t)(n))
>
> On Tue, 8 Nov 2022 at 14:59, Alexey Ivanov <aivanov at openjdk.org> wrote:
>
> On Mon, 7 Nov 2022 22:04:55 GMT, Alexander Zuev
> <kizune at openjdk.org> wrote:
>
> <SNIP>
>
> To be safe, `a` should also be cast.
>
> And `IS_SAFE_STRUCT_SIZE` should also be updated to pass
> `(size_t)(m) * (size_t)(n)` to `IS_SAFE_SIZE_ADD` instead of `(m)
> * (n)`.
>
> -------------
>
> PR: https://git.openjdk.org/jdk/pull/11030
>
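
Why the casts discussed in this thread matter, as an added example that is not part of the original message and does not reproduce the macros in sizecalc.h. The helper names and the `uint32_t` / `long long` operand types are assumptions, chosen so that the wraparound is well defined: a product taken in the operands' 32-bit type wraps before it is widened, and a negative operand must be rejected before it is converted to `size_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for illustration; these are not the sizecalc.h macros. */

/* Product taken in the operands' own 32-bit type: it wraps modulo 2^32
 * before the result is widened to size_t. */
static size_t product_narrow(uint32_t m, uint32_t n) {
    uint32_t p = m * n;
    return (size_t)p;
}

/* Each operand widened first, as in (size_t)(m) * (size_t)(n).
 * Where size_t is 32 bits wide this product still wraps. */
static size_t product_wide(uint32_t m, uint32_t n) {
    return (size_t)m * (size_t)n;
}

/* Convert a signed value to size_t; fails on negative or truncated values. */
static int to_size(long long v, size_t *out) {
    if (v < 0) return 0;               /* (size_t)(-1) would be SIZE_MAX */
    *out = (size_t)v;
    return (unsigned long long)*out == (unsigned long long)v;
}

/* Checked a + m * n. The operands are converted once, so the check and the
 * computation see the same size_t values. Returns 1 and stores the size in
 * *out on success, 0 on a negative or overflowing input. */
static int checked_struct_size(long long a, long long m, long long n, size_t *out) {
    size_t sa, sm, sn;
    if (!to_size(a, &sa) || !to_size(m, &sm) || !to_size(n, &sn))
        return 0;
    if (sm != 0 && sn > SIZE_MAX / sm)
        return 0;                      /* m * n would overflow */
    if (sm * sn > SIZE_MAX - sa)
        return 0;                      /* a + m * n would overflow */
    *out = sa + sm * sn;
    return 1;
}

int main(void) {
    size_t sz = 0;
    printf("narrow 65536*65536 = %zu\n", product_narrow(65536u, 65536u));
    printf("wide   65536*65536 = %zu\n", product_wide(65536u, 65536u));
    printf("a=-1 accepted: %d\n", checked_struct_size(-1, 4, 4, &sz));
    printf("a=16, m=n=65536 accepted: %d\n", checked_struct_size(16, 65536, 65536, &sz));
    return 0;
}
```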