Vector: Let realloc do its job and thus avoid a UAF (a particularly nasty one)
All checks were successful
continuous-integration/drone/push Build is passing
Who even thought that copying from an old pointer passed to realloc() was a good idea? Me, apparently. Additionally, the entire point of this memcpy() was to copy the data over from the old buffer (which is already freed btw) to the new buffer, which is already done by realloc. That's the entire point of realloc. The data is copied over by realloc already. And even if the old pointer is not unmapped, we scrub freed memory with useless data, so the memcpy sets the vector's buffer to that useless data as well. I don't even know how I managed to introduce so many bugs into Vector. At least it should work properly now.
This commit is contained in:
parent
d41e5b7b74
commit
b8b8d20f5b
@ -178,10 +178,6 @@ template <typename T> class Vector
|
||||
|
||||
void* const ptr = TRY(realloc_impl(m_data, new_byte_capacity));
|
||||
|
||||
if (new_capacity < m_capacity) memcpy(ptr, m_data, new_byte_capacity);
|
||||
else
|
||||
memcpy(ptr, m_data, byte_capacity());
|
||||
|
||||
m_capacity = new_capacity;
|
||||
m_data = (T*)ptr;
|
||||
return {};
|
||||
|
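Review bot: with the memcpy branch gone, the shrink case it used to test for (`new_capacity < m_capacity`) now falls straight through to `m_capacity = new_capacity;`, and nothing in this hunk clamps the element count or destroys the elements that sit past the new capacity. If callers can reach this path with more live elements than `new_capacity`, the size has to be reduced (and those elements destructed) before the `realloc_impl` call, otherwise later accesses index past the shrunk allocation. It would also help to leave a one-line comment at the `realloc_impl` call stating that it already preserves the contents and that `m_data` must not be read after it returns, since that is exactly the mistake this commit removes. Because `realloc_impl` relocates the buffer bytewise, consider documenting or statically asserting that `T` is safe to move that way. A regression test that grows a Vector far enough to force the buffer to move and then checks the elements would keep this from coming back.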