aboutsummaryrefslogtreecommitdiffstats
path: root/erts/emulator/beam/benchmark.h
diff options
context:
space:
mode:
authorBjörn Gustavsson <[email protected]>2011-05-12 11:50:01 +0200
committerBjörn Gustavsson <[email protected]>2011-08-03 11:24:52 +0200
commit2d30edeb73119bbbcf3622e5c163552c10df0861 (patch)
tree05939b21fc25a0591f7d8406a1f9779fee673fea /erts/emulator/beam/benchmark.h
parent8f066e99c9d614742dfb987befe72d21de4d739a (diff)
downloadotp-2d30edeb73119bbbcf3622e5c163552c10df0861.tar.gz
otp-2d30edeb73119bbbcf3622e5c163552c10df0861.tar.bz2
otp-2d30edeb73119bbbcf3622e5c163552c10df0861.zip
beam_load.c: Add overflow check of tag values
The handling of large values for other tags than TAG_i (integer) is buggy. Any tag value equal to or greater than 2^40 (5 bytes) will abort loading. Tag values fitting in 5 bytes will be truncated to 4 bytes values. Those bugs cause real problems because the bs_init2/6 and bs_init_bits/6 instructions unfortunately use TAG_u to encode literal sizes (using TAG_i would have been a better choice, but it is too late to change that now). Any binary size that cannot fit in an Uint should cause a system_limit exception at run-time, but instead the buggy handling will either cause an emulator crash (for values in the range 2^32 to 2^40-1) or abort loading. In this commit, implement overflow checking of tag values as a preparation for fixing the binary construction instructions. If any tag value cannot fit in an Uint (except for TAG_i), change the tag to the special TAG_o overflow tag.
Diffstat (limited to 'erts/emulator/beam/benchmark.h')
0 files changed, 0 insertions, 0 deletions