Memory: add MEM_malloc_arrayN() function to protect against overflow.

Differential Revision: https://developer.blender.org/D3002
author: Brecht Van Lommel <brechtvanlommel@gmail.com> 2018-01-14 23:53:32 +0300
committer: Brecht Van Lommel <brechtvanlommel@gmail.com> 2018-01-17 21:59:47 +0300
commit: a6700362c71c3978acd53762e1f2e11e7f7a38b5 (patch)
tree: 1cf2d8a069c39eb0aa1384a2f80495710e89e9fd /tests/gtests
parent: 46204f843b5710dabb99e194aee5e3202b9688e4 (diff)
2 files changed, 62 insertions, 0 deletions
diff --git a/tests/gtests/guardedalloc/CMakeLists.txt b/tests/gtests/guardedalloc/CMakeLists.txt
index f4fb4f882ec..0063d0ed873 100644
--- a/tests/gtests/guardedalloc/CMakeLists.txt
+++ b/tests/gtests/guardedalloc/CMakeLists.txt
@@ -35,3 +35,4 @@ set(CMAKE_EXE_LINKER_FLAGS_DEBUG "${CMAKE_EXE_LINKER_FLAGS_DEBUG} ${PLATFORM_LIN
 
 
 BLENDER_TEST(guardedalloc_alignment "")
+BLENDER_TEST(guardedalloc_overflow "")
diff --git a/tests/gtests/guardedalloc/guardedalloc_overflow_test.cc b/tests/gtests/guardedalloc/guardedalloc_overflow_test.cc
new file mode 100644
index 00000000000..18cf57bd6ea
--- /dev/null
+++ b/tests/gtests/guardedalloc/guardedalloc_overflow_test.cc
@@ -0,0 +1,61 @@
+/* Apache License, Version 2.0 */
+
+#include "testing/testing.h"
+
+#include "MEM_guardedalloc.h"
+
+/* We expect to abort on integer overflow, to prevent possible exploits. */
+#ifdef _WIN32
+#define ABORT_PREDICATE ::testing::ExitedWithCode(3)
+#else
+#define ABORT_PREDICATE ::testing::KilledBySignal(SIGABRT)
+#endif
+
+namespace {
+
+void MallocArray(size_t len, size_t size)
+{
+	void *mem = MEM_malloc_arrayN(len, size, "MallocArray");
+	if (mem) {
+		MEM_freeN(mem);
+	}
+}
+
+void CallocArray(size_t len, size_t size)
+{
+	void *mem = MEM_calloc_arrayN(len, size, "CallocArray");
+	if (mem) {
+		MEM_freeN(mem);
+	}
+}
+
+}  // namespace
+
+TEST(guardedalloc, LockfreeIntegerOverflow)
+{
+	MallocArray(1, SIZE_MAX);
+	CallocArray(SIZE_MAX, 1);
+	MallocArray(SIZE_MAX / 2, 2);
+	CallocArray(SIZE_MAX / 1234567, 1234567);
+
+	EXPECT_EXIT(MallocArray(SIZE_MAX, 2), ABORT_PREDICATE, "");
+	EXPECT_EXIT(CallocArray(7, SIZE_MAX), ABORT_PREDICATE, "");
+	EXPECT_EXIT(MallocArray(SIZE_MAX, 12345567), ABORT_PREDICATE, "");
+	EXPECT_EXIT(CallocArray(SIZE_MAX, SIZE_MAX), ABORT_PREDICATE, "");
+}
+
+TEST(guardedalloc, GuardedIntegerOverflow)
+{
+	MEM_use_guarded_allocator();
+
+	MallocArray(1, SIZE_MAX);
+	CallocArray(SIZE_MAX, 1);
+	MallocArray(SIZE_MAX / 2, 2);
+	CallocArray(SIZE_MAX / 1234567, 1234567);
+
+	EXPECT_EXIT(MallocArray(SIZE_MAX, 2), ABORT_PREDICATE, "");
+	EXPECT_EXIT(CallocArray(7, SIZE_MAX), ABORT_PREDICATE, "");
+	EXPECT_EXIT(MallocArray(SIZE_MAX, 12345567), ABORT_PREDICATE, "");
+	EXPECT_EXIT(CallocArray(SIZE_MAX, SIZE_MAX), ABORT_PREDICATE, "");
+}
+
author	Brecht Van Lommel <brechtvanlommel@gmail.com>	2018-01-14 23:53:32 +0300
committer	Brecht Van Lommel <brechtvanlommel@gmail.com>	2018-01-17 21:59:47 +0300
commit	a6700362c71c3978acd53762e1f2e11e7f7a38b5 (patch)
tree	1cf2d8a069c39eb0aa1384a2f80495710e89e9fd /tests/gtests
parent	46204f843b5710dabb99e194aee5e3202b9688e4 (diff)