projects / mono.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #901 from Blewzman/FixAggregateExceptionGetBaseException
[mono.git] / mono / metadata / sgen-los.c
diff --git a/mono/metadata/sgen-los.c b/mono/metadata/sgen-los.c
index 58f825903e25dd7bb0ea7e1aeef3a41dad177670..ca4aaebbadfacd40e4d66c34f612affbf135dd5e 100644 (file)
--- a/mono/metadata/sgen-los.c
+++ b/mono/metadata/sgen-los.c
@@ -334,6 +334,16 @@ sgen_los_alloc_large_inner (MonoVTable *vtable, size_t size)
        g_assert (size > SGEN_MAX_SMALL_OBJ_SIZE);
        g_assert ((size & 1) == 0);
 
+       /*
+        * size + sizeof (LOSObject) <= SIZE_MAX - (mono_pagesize () - 1)
+        *
+        * therefore:
+        *
+        * size <= SIZE_MAX - (mono_pagesize () - 1) - sizeof (LOSObject)
+        */
+       if (size > SIZE_MAX - (mono_pagesize () - 1) - sizeof (LOSObject))
+               return NULL;
+
 #ifdef LOS_DUMMY
        if (!los_segment)
                los_segment = sgen_alloc_os_memory (LOS_SEGMENT_SIZE, SGEN_ALLOC_HEAP | SGEN_ALLOC_ACTIVATE, NULL);
my mono mirror. check out Moved to http://github.com/mono/mono