PR#5115: harden all byterun/fail.c exceptions against caml_global_data #947
gasche merged 1 commit into ocaml:trunk from
xavierleroy left a comment
Apart from those two details, I'm OK with these changes.
byterun/fail.c
Outdated
| CAMLexport void caml_array_bound_error(void) | ||
| { | ||
| check_global_data_param("Invalid_argument", "index out of bounds"); |
This check is redundant with the one done in caml_invalid_argument.
byterun/fail.c
Outdated
| if (caml_global_data == 0) { | ||
| fprintf(stderr, "Fatal error: caml_is_special_exception\n"); | ||
| exit(2); | ||
| } |
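Review bot: the fprintf in the caml_global_data == 0 branch prints only the function name, so the message on stderr gives no cause for the exit(2). If this branch remains fatal, the message should say that caml_global_data is not initialized.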
It would be better to return 0 in case caml_global_data == 0. Reason: caml_is_special_exception is used only in caml_format_exception to produce a more readable textual representation of some exceptions. It is better to fall back to the general, less readable representation than to abort with a fatal error.
14d7499 to 1cd79f7
Thanks, I updated the PR. I will let the continuous integration proceed, then probably merge it. (I checked that turning either of these functions' checks to always-fail breaks the build of the compiler distribution or the testsuite.)
@gasche Can you rebase this and merge?
1cd79f7 to 068745d
In SVN commit 10793 (git commit f67d5c8), the bytecode runtime implementations of caml_{failwith,invalid_argument} were hardened to work when caml_global_data was not yet initialized. This is required as those exception-raising functions are called by demarshalling routines in intern.c, and could be called from there during caml_global_data initialization by the bytecode runtime. However, the code of intern.c also contains calls to other exception-raising functions such as, currently, caml_raise_out_of_memory and caml_end_of_file. This change defensively protects all accesses to caml_global_data in byterun/fail.c. (Only the bytecode versions of caml_raise_* are changed, there is no difference for the native runtime.)
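The two policies discussed in this review, modelled as a stand-alone C example added here (not the PR's code and not the OCaml runtime's): a raise path has to stop when the global table is missing, while a predicate used only to pick a more readable rendering can answer 0 and let the formatter fall back. All names (`global_data`, `lookup_or_die`, `is_special`, `format_exn`) and both output formats are assumptions made for the model.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model only: every name here is hypothetical, not taken from byterun/fail.c. */
enum { EXN_FAILURE, EXN_INVALID_ARGUMENT, EXN_COUNT };

struct exn { const char *name; };
static struct exn builtin[EXN_COUNT] = { {"Failure"}, {"Invalid_argument"} };

/* Stand-in for caml_global_data: NULL until start-up has filled it in. */
static struct exn *global_data = NULL;

void init_global_data(void) { global_data = builtin; }

/* Raise path: the exception value lives in the table, so without the table
   there is nothing to raise. Report the cause and stop instead of
   dereferencing a null pointer. */
const struct exn *lookup_or_die(int idx, const char *what)
{
  if (global_data == NULL) {
    fprintf(stderr, "Fatal error: exception %s raised before "
                    "global data is initialized\n", what);
    exit(2);
  }
  return &global_data[idx];
}

/* Cosmetic path: the answer only selects a nicer rendering, so when the
   table is missing the safe answer is 0 ("not special"). */
int is_special(const struct exn *e)
{
  if (global_data == NULL) return 0;
  return e == &global_data[EXN_FAILURE]
      || e == &global_data[EXN_INVALID_ARGUMENT];
}

/* Formatter: readable form for special exceptions, general form otherwise.
   Both formats are invented for this model. */
int format_exn(const struct exn *e, const char *arg, char *buf, size_t len)
{
  if (is_special(e))
    return snprintf(buf, len, "%s: %s", e->name, arg);
  return snprintf(buf, len, "%s(\"%s\")", e->name, arg);
}
```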