* Added a lower limit on tdynamicarray block size. Certain values less than dynamicblockbasesize+alignment, e.g. 8 on x86_64, cause grow() to enter an infinite loop. Such values come e.g. from cloning tdataconstnode, which abuses blocksize argument as data size. Mantis #20929.

git-svn-id: trunk@19873 -
2025-04-14 00:59:30 +02:00 · 2011-12-18 22:34:56 +00:00 · 2011-12-18 22:34:56 +00:00 · aea30f9bb2
commit aea30f9bb2
parent 0b655b19d9
1 changed files with 8 additions and 1 deletions
--- a/compiler/cclasses.pas
+++ b/compiler/cclasses.pas
@ -433,6 +433,7 @@ type

     const
       dynamicblockbasesize = sizeof(tdynamicblock)-sizeof(tdynamicblockdata);
+       mindynamicblocksize = 8*sizeof(pointer);

     type
       tdynamicarray = class
@ -2401,6 +2402,12 @@ end;
        FFirstblock:=nil;
        FLastblock:=nil;
        FCurrBlockSize:=0;
+        { Every block needs at least a header and alignment slack,
+          therefore its size cannot be arbitrarily small. However,
+          the blocksize argument is often confused with data size.
+          See e.g. Mantis #20929. }
+        if Ablocksize<mindynamicblocksize then
+          Ablocksize:=mindynamicblocksize;
        FMaxBlockSize:=Ablocksize;
        grow;
      end;
@ -2454,7 +2461,7 @@ end;
      begin
        if CurrBlockSize<FMaxBlocksize then
          begin
-            IncSize := sizeof(ptrint)*8;
+            IncSize := mindynamicblocksize;
            if FCurrBlockSize > 255 then
              Inc(IncSize, FCurrBlockSize shr 2);
            inc(FCurrBlockSize,IncSize);