yiranwang created this revision.
yiranwang added a subscriber: cfe-commits.

In libc++, there are some usages of aligned_storage which use "sizeof" bytes of 
raw data. This is a bit problematic, as the trailing padding area will be 
counted by "sizeof", and it leads to out of bound access. For example, the 
member __buf_ of std::function can be used to store pointers to parameters, and 
the compiler could fail to figure out that there is a pointer in the padding area 
pointing to some local variable.
The fix enlarges the buffer so that the size is an exact multiple of "_Align". It 
has no run time overhead.


http://reviews.llvm.org/D12247

Files:
  include/type_traits

Index: include/type_traits
===================================================================
--- include/type_traits
+++ include/type_traits
@@ -1143,7 +1143,7 @@
     union type
     {
         _Aligner __align;
-        unsigned char __data[_Len];
+        unsigned char __data[(_Len + _Align - 1)/_Align * _Align];
     };
 };
 
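Review bot: the new bound `(_Len + _Align - 1)/_Align * _Align` on the `__data` line carries no comment saying what it is for; a short one (the array must cover all `sizeof(type)` bytes, otherwise code that copies `sizeof(type)` bytes through `__data` runs into the union's trailing padding) would save the next reader from re-deriving it. The expression also divides by `_Align` and adds `_Align - 1` to `_Len` without any guard, so it relies on `_Align` being non-zero and on `_Len + _Align - 1` not wrapping around `size_t`; a `static_assert`, or a pointer to where those are already enforced, would make the assumption explicit. Since the revision touches only `include/type_traits`, a test exercising the new size would also be worth adding.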
@@ -1158,7 +1158,7 @@
 {\
     struct _ALIGNAS(n) type\
     {\
-        unsigned char __lx[_Len];\
+        unsigned char __lx[(_Len + n - 1)/n * n];\
     };\
 }
 
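Review bot: the same rounding expression now appears twice, here as `(_Len + n - 1)/n * n` inside the macro and above as `(_Len + _Align - 1)/_Align * _Align` in the union; factoring it into a single helper (a small constexpr function or macro) would keep the two definitions from drifting apart if the rounding ever needs to change. Within this macro the arithmetic is on the macro argument `n`, so an unparenthesized argument expression would bind differently in `/n * n`; writing `(n)` in each position, or noting that callers always pass a plain integer literal, would make it robust.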
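The description above concerns how `sizeof(type)` overshoots the `__data` array. As an added example that is not part of this revision or of libc++, the following reduced model of the two union layouts (before and after the patch, with simplified member names and a plain `alignas` stand-in for `_Aligner`) measures that overshoot for a few sizes:

```cpp
#include <cstddef>

// "Before" the patch: the byte array is exactly Len bytes long, mirroring the
// removed line `unsigned char __data[_Len];`. Names are simplified in this
// model: `aligner` stands in for `_Aligner __align` and `data` for `__data`.
template <std::size_t Len, std::size_t Align>
struct storage_before {
    union type {
        alignas(Align) unsigned char aligner;
        unsigned char data[Len];
    };
};

// "After" the patch: the array is rounded up to a multiple of Align, mirroring
// the added line `unsigned char __data[(_Len + _Align - 1)/_Align * _Align];`.
template <std::size_t Len, std::size_t Align>
struct storage_after {
    union type {
        alignas(Align) unsigned char aligner;
        unsigned char data[(Len + Align - 1) / Align * Align];
    };
};

// Number of bytes of sizeof(Union) that lie beyond the end of its data array.
// Code that copies sizeof(type) bytes through `data` (as the description says
// std::function's __buf_ does) touches exactly this many bytes past the array,
// which is the out-of-bounds access the patch removes.
template <class Union>
constexpr std::size_t bytes_outside_array() {
    return sizeof(Union) - sizeof(Union::data);
}

// Worked case: 3 bytes of payload with 4-byte alignment. The union is 4 bytes
// either way; only how much of it the array covers changes.
constexpr std::size_t before_3_4 = bytes_outside_array<storage_before<3, 4>::type>();  // 1
constexpr std::size_t after_3_4  = bytes_outside_array<storage_after<3, 4>::type>();   // 0

static_assert(sizeof(storage_before<3, 4>::type) == sizeof(storage_after<3, 4>::type),
              "rounding the array changes coverage, not the object size");
static_assert(sizeof(storage_after<3, 4>::type) % 4 == 0,
              "sizeof(type) is a multiple of the alignment");
```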
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits