Bug 1486711 (Closed)
Fill logically uninitialized parts of the string's buffer with a marker byte in debug builds

Opened 6 years ago
Closed 6 years ago
Category: Core :: XPCOM, defect
Status: RESOLVED FIXED
Target Milestone: mozilla64

| | Tracking | Status |
---|---|---|
firefox64 | --- | fixed |

People: (Reporter: hsivonen, Assigned: hsivonen)
Attachments: (1 file)

(Using post-bug 1482828 method names.)

In order to detect bogus reads in debug builds, StartBulkWriteImpl() and FinishBulkWriteImpl() should fill logically uninitialized parts of the buffer with 0xA5 (and, if applicable, tell Valgrind and MemorySanitizer to mark these memory ranges as uninitialized in the shadow memory).

If aNewSuffixStart is zero, StartBulkWriteImpl() should overwrite from index aPrefixToPreserve up to and including index newCapacity (after the memcpy/memmove operations).

If aNewSuffixStart is not zero, StartBulkWriteImpl() should overwrite from index aPrefixToPreserve up to but not including aNewSuffixStart and from aNewSuffixStart + aSuffixLength up to and including newCapacity (after the memcpy/memmove operations).

FinishBulkWriteImpl() should overwrite from index aLength up to and including index Capacity().

Comment 1 • 6 years ago (Assignee)

From https://github.com/llvm-mirror/compiler-rt/blob/master/include/sanitizer/msan_interface.h :

```c
/* Make memory region fully uninitialized (without changing its contents).
   This is a legacy interface that does not update origin information. Use
   __msan_allocated_memory() instead. */
void __msan_poison(const volatile void *a, size_t size);

/* Tell MSan about newly allocated memory (ex.: custom allocator).
   Memory will be marked uninitialized, with origin at the call site. */
void __msan_allocated_memory(const volatile void* data, size_t size);
```

Updated • 6 years ago (Assignee)
Assignee: nobody → hsivonen
Status: NEW → ASSIGNED

Comment 2 • 6 years ago (Assignee)
https://phabricator.services.mozilla.com/D4657

Comment 3 • 6 years ago (Assignee)
MozReview-Commit-ID: IwLikJpacAW

Comment 4 • 6 years ago (Assignee)

(In reply to Henri Sivonen (:hsivonen) from comment #0)
> If aNewSuffixStart is zero

Checking the suffix length makes more sense when deciding if there's a suffix.
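
The fill ranges from the bug description, with the suffix test from comment 4 and the MSan call quoted in comment 1, written out as an added example (not Mozilla's code and not part of any comment in this bug). `PoisonRange`, `PoisonAfterStart`, `PoisonAfterFinish` and `CountMarkers` are hypothetical names, and the fill is unconditional here so that it runs outside a debug build.

```cpp
// Added illustration; not Mozilla's implementation. All function names are
// hypothetical. A real build would compile the fill only in debug builds.
#include <stddef.h>
#include <cstring>

#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define HAVE_MSAN 1
#  endif
#endif

constexpr unsigned char kMarker = 0xA5;  // marker byte named in the bug

// Fill [begin, end) with the marker; under MSan also mark it uninitialized in
// shadow memory, so a bogus read is reported instead of yielding 0xA5.
static void PoisonRange(char* buf, size_t begin, size_t end) {
  if (begin >= end) return;  // empty gap
  std::memset(buf + begin, kMarker, end - begin);
#ifdef HAVE_MSAN
  __msan_allocated_memory(buf + begin, end - begin);
#endif
}

// After the prefix/suffix copies at the start of a bulk write. buf holds
// newCapacity + 1 bytes, so index newCapacity itself is filled too.
void PoisonAfterStart(char* buf, size_t newCapacity, size_t prefixToPreserve,
                      size_t newSuffixStart, size_t suffixLength) {
  if (suffixLength == 0) {  // "is there a suffix" test per comment 4
    PoisonRange(buf, prefixToPreserve, newCapacity + 1);
    return;
  }
  PoisonRange(buf, prefixToPreserve, newSuffixStart);
  PoisonRange(buf, newSuffixStart + suffixLength, newCapacity + 1);
}

// At the end of a bulk write: index length through capacity, inclusive.
void PoisonAfterFinish(char* buf, size_t length, size_t capacity) {
  PoisonRange(buf, length, capacity + 1);
}

// Check helper: number of marker bytes in [begin, end).
size_t CountMarkers(const char* buf, size_t begin, size_t end) {
  size_t n = 0;
  for (size_t i = begin; i < end; ++i)
    n += static_cast<unsigned char>(buf[i]) == kMarker ? 1 : 0;
  return n;
}
```

In an MSan build, `CountMarkers` over a poisoned range would itself be reported as a read of uninitialized memory, which is the behaviour the bug asks for.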

Comment 5 • 6 years ago (Assignee)
Try run: https://treeherder.mozilla.org/#/jobs?repo=try&revision=3bbac2beb469338e25eb13793b07fba2073d6225

Updated • 6 years ago (Assignee)
Summary: Fill logically uninitialized parts of the strings buffer with a marker byte in debug builds → Fill logically uninitialized parts of the string's buffer with a marker byte in debug builds

Updated • 6 years ago
Attachment #9005143 - Attachment description: Bug 1486711 - Fill logically uninitialized parts of an XPCOM string'ss buffer with a marker byte in debug builds. → Bug 1486711 - Fill logically uninitialized parts of an XPCOM string's buffer with a marker byte in debug builds.

Comment 6 • 6 years ago
Comment on attachment 9005143
Bug 1486711 - Fill logically uninitialized parts of an XPCOM string's buffer with a marker byte in debug builds.

Nathan Froyd [:froydnj] has approved the revision.

Attachment #9005143 - Flags: review+

Pushed by hsivonen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6b4b2b7324d9
Fill logically uninitialized parts of an XPCOM string's buffer with a marker byte in debug builds. r=froydnj

Comment 8 • 6 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/6b4b2b7324d9
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox64: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64

Updated • 3 years ago
Component: String → XPCOM