Closed wangqiim closed 1 year ago
emhash7 and emhash6 have the same bug: when rehash grows the table, the following code core dumps.
```cpp
emhash7::HashMap<int64_t, Wrapper> mp; // Wrapper is a struct that wraps char[128] in place
mp.reserve(5e7);
```
Taking emhash6 as an example:

https://github.com/ktprime/emhash/blob/6f4a2c3ae25c6d4ed19935d78fe9e847be5a193d/hash_table6.hpp#L1273
https://github.com/ktprime/emhash/blob/6f4a2c3ae25c6d4ed19935d78fe9e847be5a193d/hash_table6.hpp#L457-L460
https://github.com/ktprime/emhash/blob/6f4a2c3ae25c6d4ed19935d78fe9e847be5a193d/hash_table6.hpp#L112-L118

As shown above, a uint32 overflow occurs at malloc time, which makes the later memset go out of bounds and core dump. I think it would be better to change the return type of AllocSize, for example to return uint64_t or the type corresponding to sizeof(int).
After changing the return type of AllocSize to uint64_t, my earlier test passes.
fix memory overflow, thanks for the report
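The size wrap-around described in this report, shown next to a checked 64-bit computation. This is an added example, not emhash's code and not code from the issue; `Entry`, `alloc_size_u32`, `alloc_size_checked` and `alloc_table` are hypothetical names, and the 136-byte slot (8-byte key plus 128-byte `Wrapper`) is an assumed layout.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <limits>

// Hypothetical stand-in for the report's Wrapper: a struct wrapping char[128].
struct Wrapper { char data[128]; };
struct Entry { int64_t key; Wrapper value; };  // assumed slot layout, 136 bytes

// Pattern from the report: the byte count is returned as a 32-bit value,
// so the product silently wraps modulo 2^32 and malloc gets too small a size.
uint32_t alloc_size_u32(uint32_t num_buckets, uint32_t entry_size) {
    return num_buckets * entry_size;
}

// Hardened form: compute in size_t and reject products that do not fit.
bool alloc_size_checked(size_t num_buckets, size_t entry_size, size_t* out) {
    if (entry_size != 0 &&
        num_buckets > std::numeric_limits<size_t>::max() / entry_size)
        return false;
    *out = num_buckets * entry_size;
    return true;
}

// Allocate and zero a table, failing cleanly instead of under-allocating
// and letting a later memset run past the end of the buffer.
void* alloc_table(size_t num_buckets, size_t entry_size) {
    size_t bytes = 0;
    if (!alloc_size_checked(num_buckets, entry_size, &bytes)) return nullptr;
    void* p = std::malloc(bytes);
    if (p != nullptr) std::memset(p, 0, bytes);
    return p;
}

int main() {
    const uint32_t n = 50000000;  // element count from mp.reserve(5e7)
    size_t need = 0;
    alloc_size_checked(n, sizeof(Entry), &need);
    std::printf("32-bit size: %u bytes, required: %zu bytes\n",
                alloc_size_u32(n, sizeof(Entry)), need);
    return 0;
}
```

With 5e7 slots the 32-bit result is roughly 2.5 GB while about 6.8 GB is needed, so any code that later touches all slots writes past the allocation.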