From 8efb4b55f39dbb80a5f03bbf5946826a1b9c0980 Mon Sep 17 00:00:00 2001
From: Philipp Oppermann
Date: Thu, 1 Sep 2022 12:43:34 +0200
Subject: [PATCH] Assert in `HoleList::new` that the space is large enough to store a `Hole`

Ensures that no out of bounds write happens when the given hole size is to small, or becomes too small after alignment.
---
 src/hole.rs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/hole.rs b/src/hole.rs
index ce2219c..efdf84c 100644
--- a/src/hole.rs
+++ b/src/hole.rs
@@ -329,14 +329,22 @@ impl HoleList {
     /// The pointer to `hole_addr` is automatically aligned.
     pub unsafe fn new(hole_addr: *mut u8, hole_size: usize) -> HoleList {
         assert_eq!(size_of::(), Self::min_size());
+        assert!(hole_size >= size_of::());
         let aligned_hole_addr = align_up(hole_addr, align_of::());
+        let aligned_hole_size = hole_size - ((aligned_hole_addr as usize) - (hole_addr as usize));
+        assert!(aligned_hole_size >= size_of::());
+
         let ptr = aligned_hole_addr as *mut Hole;
         ptr.write(Hole {
-            size: hole_size - ((aligned_hole_addr as usize) - (hole_addr as usize)),
+            size: aligned_hole_size,
             next: None,
         });
+        assert_eq!(
+            hole_addr.wrapping_add(hole_size),
+            aligned_hole_addr.wrapping_add(aligned_hole_size)
+        );
         HoleList {
             first: Hole {
                 size: 0,