[boost/f16] In Boost.Pool, be careful not to overflow allocated chunk size. - Resolves: #828857

Petr Machata pmachata at fedoraproject.org
Wed Jun 6 23:02:40 UTC 2012


commit 2f5d4913f663a8ee14685dd23351fca68da6a5c6
Author: Petr Machata <pmachata at redhat.com>
Date:   Thu Jun 7 01:02:28 2012 +0200

    In Boost.Pool, be careful not to overflow allocated chunk size.
    - Resolves: #828857

 boost-1.47.0-pool.patch |  110 +++++++++++++++++++++++++++++++++++++++++++++++
 boost.spec              |   11 ++++-
 2 files changed, 120 insertions(+), 1 deletions(-)
---
diff --git a/boost-1.47.0-pool.patch b/boost-1.47.0-pool.patch
new file mode 100644
index 0000000..335a192
--- /dev/null
+++ b/boost-1.47.0-pool.patch
@@ -0,0 +1,110 @@
+diff -up boost_1_47_0/boost/pool/pool.hpp\~ boost_1_47_0/boost/pool/pool.hpp
+--- boost_1_47_0/boost/pool/pool.hpp~	2011-01-11 15:22:32.000000000 +0100
++++ boost_1_47_0/boost/pool/pool.hpp	2012-06-07 01:00:26.936184589 +0200
+@@ -26,6 +26,10 @@
+ 
+ #include <boost/pool/poolfwd.hpp>
+ 
++// std::numeric_limits
++#include <boost/limits.hpp>
++// boost::math::static_lcm
++#include <boost/math/common_factor.hpp>
+ // boost::details::pool::ct_lcm
+ #include <boost/pool/detail/ct_gcd_lcm.hpp>
+ // boost::details::pool::lcm
+@@ -187,6 +191,15 @@ class pool: protected simple_segregated_
+       return details::pool::lcm<size_type>(requested_size, min_size);
+     }
+ 
++    size_type max_chunks() const
++    { //! Calculated maximum number of memory chunks that can be allocated in a single call by this Pool.
++      size_type partition_size = alloc_size();
++      size_type POD_size = math::static_lcm<sizeof(size_type), sizeof(void *)>::value + sizeof(size_type);
++      size_type max_chunks = (std::numeric_limits<size_type>::max() - POD_size) / alloc_size();
++    
++      return max_chunks;
++    }
++
+     // for the sake of code readability :)
+     static void * & nextof(void * const ptr)
+     { return *(static_cast<void **>(ptr)); }
+@@ -198,7 +211,10 @@ class pool: protected simple_segregated_
+         const size_type nnext_size = 32,
+         const size_type nmax_size = 0)
+     :list(0, 0), requested_size(nrequested_size), next_size(nnext_size), start_size(nnext_size),max_size(nmax_size)
+-    { }
++    {
++      set_next_size(nnext_size);
++      set_max_size(nmax_size);
++    }
+ 
+     ~pool() { purge_memory(); }
+ 
+@@ -213,9 +229,17 @@ class pool: protected simple_segregated_
+ 
+     // These functions are extensions!
+     size_type get_next_size() const { return next_size; }
+-    void set_next_size(const size_type nnext_size) { next_size = start_size = nnext_size; }
++    void set_next_size(const size_type nnext_size)
++    {
++      BOOST_USING_STD_MIN();
++      next_size = start_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(nnext_size, max_chunks());
++    }
+     size_type get_max_size() const { return max_size; }
+-    void set_max_size(const size_type nmax_size) { max_size = nmax_size; }
++    void set_max_size(const size_type nmax_size)
++    {
++      BOOST_USING_STD_MIN();
++      max_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(nmax_size, max_chunks());
++    }
+     size_type get_requested_size() const { return requested_size; }
+ 
+     // Both malloc and ordered_malloc do a quick inlined check first for any
+@@ -447,9 +471,9 @@ void * pool<UserAllocator>::malloc_need_
+   
+   BOOST_USING_STD_MIN();
+   if(!max_size)
+-    next_size <<= 1;
++    set_next_size(next_size << 1);
+   else if( next_size*partition_size/requested_size < max_size)
+-    next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
++    set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
+ 
+   //  initialize it,
+   store().add_block(node.begin(), node.element_size(), partition_size);
+@@ -476,9 +500,9 @@ void * pool<UserAllocator>::ordered_mall
+ 
+   BOOST_USING_STD_MIN();
+   if(!max_size)
+-    next_size <<= 1;
++    set_next_size(next_size << 1);
+   else if( next_size*partition_size/requested_size < max_size)
+-    next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
++    set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
+ 
+   //  initialize it,
+   //  (we can use "add_block" here because we know that
+@@ -519,6 +543,9 @@ void * pool<UserAllocator>::ordered_mall
+ template <typename UserAllocator>
+ void * pool<UserAllocator>::ordered_malloc(const size_type n)
+ {
++  if (n > max_chunks())
++    return 0;
++
+   const size_type partition_size = alloc_size();
+   const size_type total_req_size = n * requested_size;
+   const size_type num_chunks = total_req_size / partition_size +
+@@ -549,9 +576,9 @@ void * pool<UserAllocator>::ordered_mall
+ 
+   BOOST_USING_STD_MIN();
+   if(!max_size)
+-    next_size <<= 1;
++    set_next_size(next_size << 1);
+   else if( next_size*partition_size/requested_size < max_size)
+-    next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
++    set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
+ 
+   //  insert it into the list,
+   //   handle border case
+
+Diff finished.  Thu Jun  7 01:00:38 2012
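Review bot: `max_chunks()` divides by `alloc_size()` with no guard, and because the constructor and both setters now call it, a pool whose `alloc_size()` evaluates to zero would hit that division at construction time instead of at the first allocation. Whether zero is reachable depends on how `details::pool::lcm` handles a `requested_size` of 0, which this patch does not show, so it is worth either asserting `requested_size > 0` in the constructor or documenting it as a precondition on `max_chunks()`. In the same function the local `partition_size` is assigned and never used while `alloc_size()` is called a second time, and the local `max_chunks` shadows the member name; `return (std::numeric_limits<size_type>::max() - POD_size) / partition_size;` would use the cached value and drop the extra local. The three `set_next_size(next_size << 1)` call sites would also benefit from a one-line comment saying the shift is only safe because `next_size` was already capped at `max_chunks()`, which assumes `alloc_size()` is at least 2.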
diff --git a/boost.spec b/boost.spec
index d10991d..5b3060c 100644
--- a/boost.spec
+++ b/boost.spec
@@ -28,7 +28,7 @@ Name: boost
 Summary: The free peer-reviewed portable C++ source libraries
 Version: 1.47.0
 %define version_enc 1_47_0
-Release: 6%{?dist}
+Release: 7%{?dist}
 License: Boost
 
 # The CMake build framework (set of CMakeLists.txt and module.cmake files) is
@@ -98,6 +98,10 @@ Patch3: boost-1.47.0-exceptions.patch
 # https://svn.boost.org/trac/boost/ticket/5934
 Patch4: boost-1.47.0-tuple.patch
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=828856
+# https://bugzilla.redhat.com/show_bug.cgi?id=828857
+Patch5: boost-1.47.0-pool.patch
+
 %bcond_with tests
 %bcond_with docs_generated
 
@@ -441,6 +445,7 @@ sed 's/_FEDORA_SONAME/%{sonamever}/' %{PATCH1} | %{__patch} -p0 --fuzz=0
 %patch2 -p1
 %patch3 -p0
 %patch4 -p2
+%patch5 -p1
 
 %build
 # Support for building tests.
@@ -894,6 +899,10 @@ find $RPM_BUILD_ROOT%{_includedir}/ \( -name '*.pl' -o -name '*.sh' \) -exec %{_
 %{_bindir}/bjam
 
 %changelog
+* Wed Jun  6 2012 Petr Machata <pmachata at redhat.com> - 1.47.0-7
+- In Boost.Pool, be careful not to overflow allocated chunk size.
+- Resolves: #828857
+
 * Wed Jan  4 2012 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 1.47.0-6
 - Integrated into "upstream" (CMake-ified Boost) the Boost.TR1/Math patch.
 

