Improve a safety check when writing data into StatBuffer

The safety check should occur such that if the new value for
StatBuffer::cursor is beyond the bounds of the StatBuffer, the cursor
is not updated.

diff --git a/mono/profiler/proflog.c b/mono/profiler/proflog.c
index 7d4a3acc3ae08ed2a6e0a73222119527dce9c25c..99d6ad4bbe537f8b80eb66f2af5909b8005299c7 100644 (file)
--- a/mono/profiler/proflog.c
+++ b/mono/profiler/proflog.c
@@ -2074,10 +2074,11 @@ mono_sample_hit (MonoProfiler *profiler, unsigned char *ip, void *context)
        do {
                old_data = sbuf->cursor;
                new_data = old_data + SAMPLE_EVENT_SIZE_IN_SLOTS (bt_data.count);
+               if (new_data > sbuf->buf_end)
+                       return; /* Not enough room in buf to hold this event-- lost event */
                data = (uintptr_t *)InterlockedCompareExchangePointer ((void * volatile*)&sbuf->cursor, new_data, old_data);
        } while (data != old_data);
-       if (old_data >= sbuf->buf_end)
-               return; /* lost event */
+
        old_data [0] = 1 | (sample_type << 16) | (bt_data.count << 8);
        old_data [1] = thread_id ();
        old_data [2] = elapsed;