Mercurial > hg > graal-compiler
comparison src/share/vm/utilities/growableArray.cpp @ 596:83ef1482304c
6806226: Signed integer overflow in growable array code causes JVM crash
Summary: Workaround the overflow by doing the intermediate calculations in an unsigned variable.
Reviewed-by: ysr, jcoomes
author | jmasa |
---|---|
date | Tue, 24 Feb 2009 22:12:24 -0800 |
parents | a61af66fc99e |
children | c18cbe5936b8 |
comparison
equal
deleted
inserted
replaced
582:a0576ae7045f | 596:83ef1482304c |
---|---|
41 } | 41 } |
42 } | 42 } |
43 #endif | 43 #endif |
44 | 44 |
45 void* GenericGrowableArray::raw_allocate(int elementSize) { | 45 void* GenericGrowableArray::raw_allocate(int elementSize) { |
46 assert(_max >= 0, "integer overflow"); | |
47 size_t byte_size = elementSize * (size_t) _max; | |
46 if (on_stack()) { | 48 if (on_stack()) { |
47 return (void*)resource_allocate_bytes(elementSize * _max); | 49 return (void*)resource_allocate_bytes(byte_size); |
48 } else if (on_C_heap()) { | 50 } else if (on_C_heap()) { |
49 return (void*)AllocateHeap(elementSize * _max, "GrET in " __FILE__); | 51 return (void*)AllocateHeap(byte_size, "GrET in " __FILE__); |
50 } else { | 52 } else { |
51 return _arena->Amalloc(elementSize * _max); | 53 return _arena->Amalloc(byte_size); |
52 } | 54 } |
53 } | 55 } |