diff options
author | Chris Manton <cmanton@google.com> | 2021-09-29 17:49:25 -0700 |
---|---|---|
committer | Chris Manton <cmanton@google.com> | 2021-10-01 15:43:17 +0000 |
commit | cee4d086c959e174328a0e173398d99f59ccbb1f (patch) | |
tree | 4d93125fbd36015623d1662e0f1aa9ddab81264c | |
parent | 6dd3a7aa69af0c8f733bde9a85f3954ce93413f0 (diff) | |
download | bt-cee4d086c959e174328a0e173398d99f59ccbb1f.tar.gz |
osi: Prevent memory allocations with MSB set
Limit allocations on 32bit to 2 GB
Limit allocations on 64bit to 8 Exabyte
Bug: 197868577
Tag: #refactor
Test: gd/cert/run
Ignore-AOSP-First: Security
Change-Id: I1c347084d7617b1e364a3241f1b37b398a2a6c6a
-rw-r--r-- | osi/src/allocator.cc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/osi/src/allocator.cc b/osi/src/allocator.cc index 1c0449e14..e2c356dd3 100644 --- a/osi/src/allocator.cc +++ b/osi/src/allocator.cc @@ -56,6 +56,7 @@ char* osi_strndup(const char* str, size_t len) { } void* osi_malloc(size_t size) { + CHECK(static_cast<ssize_t>(size) >= 0); size_t real_size = allocation_tracker_resize_for_canary(size); void* ptr = malloc(real_size); CHECK(ptr); @@ -63,6 +64,7 @@ void* osi_malloc(size_t size) { } void* osi_calloc(size_t size) { + CHECK(static_cast<ssize_t>(size) >= 0); size_t real_size = allocation_tracker_resize_for_canary(size); void* ptr = calloc(1, real_size); CHECK(ptr); |