[Bug libstdc++/94906] memory corruption in std::pmr::monotonic_buffer_resource
cvs-commit at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Tue May 12 08:55:15 GMT 2020
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94906
--- Comment #4 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-10 branch has been updated by Jonathan Wakely
<redi@gcc.gnu.org>:
https://gcc.gnu.org/g:dc103060c18656affaecfdd57faa4e0237dadcd3
commit r10-8136-gdc103060c18656affaecfdd57faa4e0237dadcd3
Author: Jonathan Wakely <jwakely@redhat.com>
Date: Tue May 12 09:54:44 2020 +0100
libstdc++: Fix incorrect size calculation in PMR resource (PR 94906)
Calculating the size of a chunk being returned to the upstream allocator
was done with a 32-bit type, so it wrapped if the chunk was 4GB or
larger.
I don't know how to test this without allocating 4GB, so there's no test
in the testsuite. It has been tested manually of course.
Backport from mainline
2020-05-04 Jonathan Wakely <jwakely@redhat.com>
PR libstdc++/94906
* src/c++17/memory_resource.cc
(monotonic_buffer_resource::_Chunk::release): Use size_t for shift
operands.
More information about the Gcc-bugs
mailing list