aboutsummaryrefslogtreecommitdiffstats
path: root/erts/emulator/beam/erl_alloc_util.c
diff options
context:
space:
mode:
authorSverker Eriksson <[email protected]>2014-06-27 20:13:46 +0200
committerSverker Eriksson <[email protected]>2014-06-27 20:13:46 +0200
commit1d583e08cd5235881ede6f92800c25ddee13056f (patch)
tree0650ef7818f46ef739e671f28fc1e9468881ee5a /erts/emulator/beam/erl_alloc_util.c
parent461dc05384eece7b4b7d84370fb0a2cf96ed2f6d (diff)
downloadotp-1d583e08cd5235881ede6f92800c25ddee13056f.tar.gz
otp-1d583e08cd5235881ede6f92800c25ddee13056f.tar.bz2
otp-1d583e08cd5235881ede6f92800c25ddee13056f.zip
erts: Fix size overflow bugs in memory allocation
Diffstat (limited to 'erts/emulator/beam/erl_alloc_util.c')
-rw-r--r--erts/emulator/beam/erl_alloc_util.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/erts/emulator/beam/erl_alloc_util.c b/erts/emulator/beam/erl_alloc_util.c
index 45f0cc4312..a4e164bf51 100644
--- a/erts/emulator/beam/erl_alloc_util.c
+++ b/erts/emulator/beam/erl_alloc_util.c
@@ -3274,6 +3274,15 @@ create_carrier(Allctr_t *allctr, Uint umem_sz, UWord flags)
ASSERT(!(flags & CFLG_FORCE_MSEG && flags & CFLG_FORCE_SYS_ALLOC));
+ if (umem_sz > (ERTS_UINT_MAX - ERTS_UINT_MAX/100)) {
+ /* Do an overly conservative _overflow_ check here so we don't
+ * have to deal with it from here on. I guess we could be more accurate
+ * but I don't think the need to allocate over 99% of the address space
+ * will ever arise on any machine, neither 32 nor 64 bit.
+ */
+ return NULL;
+ }
+
blk_sz = UMEMSZ2BLKSZ(allctr, umem_sz);
#ifdef ERTS_SMP