From 416fd39f6a423ff767cc0fdb080192af783425ef Mon Sep 17 00:00:00 2001
From: Nathaniel Wesley Filardo
Date: Sat, 21 Sep 2024 04:48:32 +0100
Subject: [PATCH] gcc UAF warning in test/perf/singlethread -malloc

When building test/perf/singlethread to use the system allocator, gcc (Debian 14.2.0-3) correctly sees that we were using the value of a pointer after it had been passed to the privileged free(), which is UB. Flip the check and dealloc, so that we query the set of pointers we're tracking first, using the pointer while the allocation is still live.
---
 src/test/perf/singlethread/singlethread.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/perf/singlethread/singlethread.cc b/src/test/perf/singlethread/singlethread.cc
index b8a995fb8..431d40d24 100644
--- a/src/test/perf/singlethread/singlethread.cc
+++ b/src/test/perf/singlethread/singlethread.cc
@@ -34,9 +34,9 @@ void test_alloc_dealloc(size_t count, size_t size, bool write)
 {
 auto it = set.begin();
 void* p = *it;
- alloc.dealloc(p, size);
 set.erase(it);
 SNMALLOC_CHECK(set.find(p) == set.end());
+ alloc.dealloc(p, size);
 }

 // alloc 1x objects
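Review bot: Nothing in the reordered free loop records why `alloc.dealloc(p, size)` now has to come last, so a later tidy-up could move it back above the `SNMALLOC_CHECK` and reintroduce the read of a freed pointer's value. I would add `// Dealloc last: set.find(p) reads p's value, which is only defined while the allocation is live.` directly above the dealloc call. The loop header and the declaration of `set` lie outside the hunk, so it is not visible here whether other loops in test_alloc_dealloc use the same dealloc-then-check order; that is worth confirming before merging.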