runtime: ensure the fixalloc object size is valid

Usually, fixalloc is used to allocate small, persistent and reusable
objects. The size is typically in the range [sizeof(mlink), _FixAllocChunk].

It's rare for the size to be out of that range. But if it did happen, we
would get a hard-to-discover memory corruption. This commit prevents that
situation by limiting the object's size.

Change-Id: If6ef8b0831596464e0f55d09f79094b79ae08c66
GitHub-Last-Rev: cb8b1b01bb
GitHub-Pull-Request: golang/go#47395
Reviewed-on: https://go-review.googlesource.com/c/go/+/337429
Reviewed-by: Austin Clements <austin@google.com>
Run-TryBot: Austin Clements <austin@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Cherry Mui <cherryyz@google.com>
Hans 2021-07-28 05:57:25 +00:00 committed by Austin Clements
parent 69107e73ce
commit 90ed541149

@ -50,6 +50,13 @@ type mlink struct {
// Initialize f to allocate objects of the given size,
// using the allocator to obtain chunks of memory.
func (f *fixalloc) init(size uintptr, first func(arg, p unsafe.Pointer), arg unsafe.Pointer, stat *sysMemStat) {
if size > _FixAllocChunk {
throw("runtime: fixalloc size too large")
}
if min := unsafe.Sizeof(mlink{}); size < min {
size = min
}
f.size = size
f.first = first
f.arg = arg
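
Review bot: The doc comment above init still only says "allocate objects of the given size", but after the two new checks that is no longer the whole contract: a size below unsafe.Sizeof(mlink{}) is silently raised, so f.size can differ from what the caller passed, and a size above _FixAllocChunk is fatal. Please state both bounds in the comment so callers do not have to read the body to learn them. The throw at the upper bound also drops the offending value; printing size and _FixAllocChunk before throw("runtime: fixalloc size too large") would make a crash report actionable without a debugger. Minor: the lower bound is clamped while the upper bound aborts, and a one-line comment on why the small case is safe to round up (the free list stores an mlink in each freed object) would explain the asymmetry.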