commit 659245773a7cad1954d975ea2e262c8a0c804689
parent 905575d9e6779d795e3f014e99c76c3189b38283
Author: Michael Forney <mforney@mforney.org>
Date: Thu, 25 Apr 2019 11:30:06 -0700
amd64/isel: Error if alloc size doesn't fit in Tmp slot type
Diffstat:
1 file changed, 2 insertions(+), 0 deletions(-)
diff --git a/amd64/isel.c b/amd64/isel.c
@@ -588,6 +588,8 @@ amd64_isel(Fn *fn)
err("invalid alloc size %"PRId64, sz);
sz = (sz + n-1) & -n;
sz /= 4;
+ if (sz > INT_MAX - fn->slot)
+ die("alloc too large");
fn->tmp[i->to.val].slot = fn->slot;
fn->slot += sz;
*i = (Ins){.op = Onop};