eaglercraft/eagler-teavm-fork
1
0
Fork 0
mirror of https://github.com/Eaglercraft-TeaVM-Fork/eagler-teavm.git synced 2024-12-22 08:14:09 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix out of bounds access issue

Browse Source
This commit is contained in:
lax1dude 2024-11-09 19:40:42 -08:00
parent 73148353eb
commit 07293886db
1 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
core/src/main/java/org/teavm/runtime/LaxMalloc.java
View File

@ -335,9 +335,10 @@ public final class LaxMalloc {
// set the chunk no longer in use // set the chunk no longer in use
chunkSize &= 0x7FFFFFFF; chunkSize &= 0x7FFFFFFF;
if (!chunkPtr.isLessThan(addrHeap(ADDR_HEAP_DATA_START))) { if (addrHeap(ADDR_HEAP_DATA_START).isLessThan(chunkPtr)) {
// check if we can merge with the previous chunk, and move it to another bucket
Address prevChunkPtr = chunkPtr.add(-(chunkPtr.add(-4).getInt())); Address prevChunkPtr = chunkPtr.add(-(chunkPtr.add(-4).getInt()));
if (!prevChunkPtr.isLessThan(addrHeap(ADDR_HEAP_DATA_START))) {
// check if we can merge with the previous chunk, and move it to another bucket
int prevChunkSize = readChunkSizeStatus(prevChunkPtr); int prevChunkSize = readChunkSizeStatus(prevChunkPtr);
if ((prevChunkSize & 0x80000000) == 0) { if ((prevChunkSize & 0x80000000) == 0) {
// previous chunk is not in use, merge! // previous chunk is not in use, merge!
@ -351,6 +352,7 @@ public final class LaxMalloc {
sizeChanged = true; sizeChanged = true;
} }
} }
}
Address nextChunkPtr = chunkPtr.add(chunkSize); Address nextChunkPtr = chunkPtr.add(chunkSize);
if (nextChunkPtr.isLessThan(addrHeap(ADDR_HEAP_INNER_LIMIT).getAddress())) { if (nextChunkPtr.isLessThan(addrHeap(ADDR_HEAP_INNER_LIMIT).getAddress())) {
@ -522,7 +524,7 @@ public final class LaxMalloc {
int bytesNeeded = newHeapInnerLimit.toInt() - heapOuterLimit.toInt(); int bytesNeeded = newHeapInnerLimit.toInt() - heapOuterLimit.toInt();
bytesNeeded = (bytesNeeded + 0xFFFF) & 0xFFFF0000; bytesNeeded = (bytesNeeded + 0xFFFF) & 0xFFFF0000;
Address newHeapOuterLimit = heapOuterLimit.add(bytesNeeded); Address newHeapOuterLimit = heapOuterLimit.add(bytesNeeded);
if (!getHeapMaxAddr().isLessThan(newHeapOuterLimit) && growHeapOuter(bytesNeeded >> 16) != -1) { if (!getHeapMaxAddr().isLessThan(newHeapOuterLimit) && growHeapOuter(bytesNeeded >>> 16) != -1) {
addrHeap(ADDR_HEAP_INNER_LIMIT).putAddress(newHeapInnerLimit); addrHeap(ADDR_HEAP_INNER_LIMIT).putAddress(newHeapInnerLimit);
addrHeap(ADDR_HEAP_OUTER_LIMIT).putAddress(newHeapOuterLimit); addrHeap(ADDR_HEAP_OUTER_LIMIT).putAddress(newHeapOuterLimit);
notifyHeapResized(); notifyHeapResized();