Chris Lattner 26008e07de implement rdar://5739832 - operator new should check for overflow in multiply, ...

causing clang to compile this code into something that correctly throws a
length error, fixing a potential integer overflow security attack:

void *test(long N) {
  return new int[N];
}

int main() {
  test(1L << 62);
}

We do this even when exceptions are disabled, because it is better for the
code to abort than for the attack to succeed.

This is heavily based on a patch that Fariborz wrote.

llvm-svn: 108915

2010-07-20 20:19:24 +00:00

80 KiB

Raw Blame History

View Raw