pool/boost
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 208551 from home:netsroth:branches:devel:libraries:c_c++

Browse Source 
Add patch against malloc int overflow

OBS-URL: https://build.opensuse.org/request/show/208551
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/boost?expand=0&rev=114
This commit is contained in:
Ismail Dönmez 2013-11-26 16:13:25 +00:00 committed by Git OBS Bridge
parent 1240cf29df
commit 534ea3a38c
3 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
boost-pool_check_overflow.patch Normal file
View File

@ -0,0 +1,36 @@
Upstream URL: https://svn.boost.org/trac/boost/ticket/6701
Check that request size doesn't overflow.
Index: boost/pool/pool.hpp
===================================================================
--- boost/pool/pool.hpp.orig 2007-11-25 19:07:19.000000000 +0100
+++ boost/pool/pool.hpp 2012-06-22 13:03:49.422438613 +0200
@@ -10,6 +10,8 @@
#define BOOST_POOL_HPP
#include <boost/config.hpp> // for workarounds
+// std::numeric_limits
+#include <boost/limits.hpp>
// std::less, std::less_equal, std::greater
#include <functional>
@@ -793,6 +793,9 @@ void * pool<UserAllocator>::ordered_mall
//! \returns Address of chunk n if allocated ok.
//! \returns 0 if not enough memory for n chunks.
+ if (requested_size && (n > (std::numeric_limits<size_type>::max)() / requested_size))
+ return 0;
+
const size_type partition_size = alloc_size();
const size_type total_req_size = n * requested_size;
const size_type num_chunks = total_req_size / partition_size +
@@ -975,6 +979,8 @@
{
if(max_alloc_size && (n > max_alloc_size))
return 0;
+ if(chunk_size && (n > (std::numeric_limits<size_type>::max)() / chunk_size))
+ return 0;
void* ret = (user_allocator::malloc)(chunk_size * n);
used_list.insert(ret);
return ret;

7
boost.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Nov 26 16:13:00 CET 2013 - tbehrens@suse.com
- Add boost-pool_check_overflow.patch: Prevent possible overflow when
calculating the amount to malloc (bnc#765443).
Fix from https://svn.boost.org/trac/boost/ticket/6701
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Oct 20 12:51:53 UTC 2013 - jengelh@inai.de Sun Oct 20 12:51:53 UTC 2013 - jengelh@inai.de

2
boost.spec
View File

@ -105,6 +105,7 @@ Source4: existing_extra_docs
Patch1: boost-thread.patch Patch1: boost-thread.patch
Patch2: boost-no_type_punning.patch Patch2: boost-no_type_punning.patch
Patch8: boost-no_segfault_in_Regex_filter.patch Patch8: boost-no_segfault_in_Regex_filter.patch
Patch9: boost-pool_check_overflow.patch
Patch20: boost-strict_aliasing.patch Patch20: boost-strict_aliasing.patch
Patch50: boost-use_std_xml_catalog.patch Patch50: boost-use_std_xml_catalog.patch
Patch60: boost-glibc-2.18.patch Patch60: boost-glibc-2.18.patch
@ -421,6 +422,7 @@ find -type f ! \( -name \*.sh -o -name \*.py -o -name \*.pl \) -exec chmod -x {}
%patch1 %patch1
%patch2 %patch2
%patch8 %patch8
%patch9
%patch20 %patch20
%patch50 %patch50
%patch60 -p1 %patch60 -p1