From 497d561019ca90709a5db4b27dbc11548a817d59 Mon Sep 17 00:00:00 2001
From: Alexis Campailla
Date: Mon, 2 Feb 2015 16:11:55 +0100
Subject: [PATCH] Fix AV in AllocHeapBlock
---
 src/Win32_Interop/Win32_QFork.cpp | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/Win32_Interop/Win32_QFork.cpp b/src/Win32_Interop/Win32_QFork.cpp
index 0acdf086418..17338f62a51 100644
--- a/src/Win32_Interop/Win32_QFork.cpp
+++ b/src/Win32_Interop/Win32_QFork.cpp
@@ -30,6 +30,7 @@
 #include
 #include
 #include
+#include
 
 #define QFORK_MAIN_IMPL
 #include "Win32_QFork.h"
@@ -1170,9 +1171,16 @@ LPVOID AllocHeapBlock(size_t size, BOOL allocateHigh) {
 }
 
 int contiguousBlocksToAllocate = (int)(size / g_pQForkControl->heapBlockSize);
+ if (contiguousBlocksToAllocate > g_pQForkControl->availableBlocksInHeap) {
+ errno = ENOMEM;
+ return retPtr;
+ }
+
 size_t mapped = 0;
- int startIndex = allocateHigh ? g_pQForkControl->availableBlocksInHeap - 1 : contiguousBlocksToAllocate - 1;
- int endIndex = allocateHigh ? -1 : g_pQForkControl->availableBlocksInHeap - contiguousBlocksToAllocate + 1;
+ int startIndex = allocateHigh ? g_pQForkControl->availableBlocksInHeap - 1 : 0;
+ int endIndex = allocateHigh ?
+ contiguousBlocksToAllocate - 2 :
+ g_pQForkControl->availableBlocksInHeap - contiguousBlocksToAllocate + 1;
 int direction = allocateHigh ? -1 : 1;
 int blockIndex = 0;
 int contiguousBlocksFound = 0;
@@ -1180,6 +1188,9 @@ LPVOID AllocHeapBlock(size_t size, BOOL allocateHigh) {
 blockIndex != endIndex;
 blockIndex += direction) {
 for (int n = 0; n < contiguousBlocksToAllocate; n++) {
+ assert((blockIndex + n * direction >= 0) &&
+ (blockIndex + n * direction < g_pQForkControl->availableBlocksInHeap));
+
 if (g_pQForkControl->heapBlockMap[blockIndex + n * direction] == BlockState::bsUNMAPPED) {
 contiguousBlocksFound++;
 }
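Review bot: The new ENOMEM guard compares `contiguousBlocksToAllocate` only after it has been truncated to `int` by `(int)(size / g_pQForkControl->heapBlockSize)`, so a `size` whose quotient does not fit in an `int` can wrap to a negative or small value, pass the `>` check, and still feed the `startIndex`/`endIndex` arithmetic below with a bogus count. Comparing the unsigned quotient before the cast closes that gap: `size_t blocksNeeded = size / g_pQForkControl->heapBlockSize;` / `if (blocksNeeded > (size_t)g_pQForkControl->availableBlocksInHeap) { errno = ENOMEM; return retPtr; }` / `int contiguousBlocksToAllocate = (int)blocksNeeded;`. The early return hands back `retPtr`, which I take to be still NULL at this point since its initialisation is above the hunk; a one-line comment such as `// retPtr is still NULL here: report the failure the way callers expect` would make that explicit. A zero quotient (a `size` smaller than one heap block) would also pass the guard and make `endIndex` negative on the allocateHigh path; presumably size is rounded up before this point, but that code is outside the hunk. AllocHeapBlock starts and ends outside the hunk.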
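Review bot: The `assert` on the inner-loop index is compiled out when NDEBUG is defined, so in release builds the `startIndex`/`endIndex` fix in the preceding hunk is the only thing keeping `heapBlockMap[blockIndex + n * direction]` in bounds; that is fine as long as the two stay in step, and a short comment saying so would help the next reader, e.g. `// Debug-only invariant: startIndex/endIndex above are chosen so this index never leaves the map.`. The index expression is now spelled out three times in the loop body; computing it once keeps the assert and the lookup on the same value: `const int idx = blockIndex + n * direction;` / `assert(idx >= 0 && idx < g_pQForkControl->availableBlocksInHeap);` / `if (g_pQForkControl->heapBlockMap[idx] == BlockState::bsUNMAPPED) {`. The enclosing for loops start and end outside the hunk.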