Skip to content

Commit

Permalink
WTF::Vector cross-container overflow ASAN support
Browse files Browse the repository at this point in the history 
https://bugs.webkit.org/show_bug.cgi?id=261220
rdar://113692853

Reviewed by David Kilzer.

Added check in ASAN builds for container overflow

* Source/WTF/wtf/Vector.h:
(WTF::Malloc>::asanBufferSizeWillChangeTo):
(WTF::Malloc>::uncheckedAppend):
* Tools/TestWebKitAPI/Tests/WTF/Vector.cpp:
(TestWebKitAPI::TEST):

Originally-landed-as: 1393b61. rdar://117808918
Canonical link: https://commits.webkit.org/270346@main
  • Loading branch information
@abigailfox @robert-jenner
abigailfox authored and robert-jenner committed Nov 7, 2023
1 parent dabbc74 commit 6dd6fa0
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Source/WTF/wtf/Vector.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1307,6 +1307,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asa
if (!buffer())
return;

RELEASE_ASSERT_WITH_MESSAGE(newSize <= capacity(), "Attempt to expand size (%lu) beyond current capacity (%lu)", newSize, capacity());

// Change allowed range.
__sanitizer_annotate_contiguous_container(buffer(), endOfBuffer(), buffer() + size(), buffer() + newSize);
#else
Expand Down

0 comments on commit 6dd6fa0

Please sign in to comment.