base/security_unittest.cc - Issue 11857007: TCMalloc: restrict maximum size of memory ranges

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: base/security_unittest.cc

Issue 11857007: TCMalloc: restrict maximum size of memory ranges (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Disable test in ASAN. Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: base/security_unittest.cc

diff --git a/base/security_unittest.cc b/base/security_unittest.cc

new file mode 100644

index 0000000000000000000000000000000000000000..b8020e40d0cf4c22c7b21e5073dc83a9352df660

--- /dev/null

+++ b/base/security_unittest.cc

@@ -0,0 +1,31 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include <limits>

+#include "base/memory/scoped_ptr.h"

+#include "testing/gtest/include/gtest/gtest.h"

+namespace {

+// TODO(jln): list instead the known cases that fail (ASAN etc), so that

+// we can positively check that we support the cases we care about.

+#if !defined(NO_TCMALLOC) && !defined(ADDRESS_SANITIZER)

+ #define MAYBE_MemoryAllocationRestrictions AllocationRestrictions

+#else

+ #define MAYBE_MemoryAllocationRestrictions DISABLED_AllocationRestrictions

+#endif

+// Check that we can not allocate a continuous space that cannot be indexed

+// via an int. This is used to mitigate vulnerabilities in libraries that use

+// int instead of size_t.

+// See crbug.com/169327.

+TEST(SecurityTest, MAYBE_MemoryAllocationRestrictions) {

+ scoped_ptr<char, base::FreeDeleter>

+ ptr(static_cast<char*>(malloc((std::numeric_limits<int>::max)())));

Chris Evans 2013/01/11 19:51:51 Isn't it jusr std::numeric_limits<int>::max() ? To

jln (very slow on Chromium) 2013/01/11 20:02:04 That's because of Windows. Windows defines a macro

+ ASSERT_TRUE(ptr == NULL);

Chris Evans 2013/01/11 19:17:28 The behaviour of tcmalloc within Chromium is to ab

jln (very slow on Chromium) 2013/01/11 20:02:04 No, as discussed on the thread (I suspect this com

+ // TODO(jln): a lot more tests here.

+} // namespace