paweld/fpc
1
0
Fork 0
mirror of https://gitlab.com/freepascal.org/fpc/source.git synced 2025-08-17 19:49:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

* Added a lower limit on tdynamicarray block size. Certain values less than dynamicblockbasesize+alignment, e.g. 8 on x86_64, cause grow() to enter an infinite loop. Such values come e.g. from cloning tdataconstnode, which abuses blocksize argument as data size. Mantis #20929.

Browse Source 
git-svn-id: trunk@19873 -
This commit is contained in:
sergei 2011-12-18 22:34:56 +00:00
parent 0b655b19d9
commit aea30f9bb2
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
compiler/cclasses.pas
View File

@ -433,6 +433,7 @@ type
const const
dynamicblockbasesize = sizeof(tdynamicblock)-sizeof(tdynamicblockdata); dynamicblockbasesize = sizeof(tdynamicblock)-sizeof(tdynamicblockdata);
mindynamicblocksize = 8*sizeof(pointer);
type type
tdynamicarray = class tdynamicarray = class
@ -2401,6 +2402,12 @@ end;
FFirstblock:=nil; FFirstblock:=nil;
FLastblock:=nil; FLastblock:=nil;
FCurrBlockSize:=0; FCurrBlockSize:=0;
{ Every block needs at least a header and alignment slack,
therefore its size cannot be arbitrarily small. However,
the blocksize argument is often confused with data size.
See e.g. Mantis #20929. }
if Ablocksize<mindynamicblocksize then
Ablocksize:=mindynamicblocksize;
FMaxBlockSize:=Ablocksize; FMaxBlockSize:=Ablocksize;
grow; grow;
end; end;
@ -2454,7 +2461,7 @@ end;
begin begin
if CurrBlockSize<FMaxBlocksize then if CurrBlockSize<FMaxBlocksize then
begin begin
IncSize := sizeof(ptrint)*8; IncSize := mindynamicblocksize;
if FCurrBlockSize > 255 then if FCurrBlockSize > 255 then
Inc(IncSize, FCurrBlockSize shr 2); Inc(IncSize, FCurrBlockSize shr 2);
inc(FCurrBlockSize,IncSize); inc(FCurrBlockSize,IncSize);