X-Git-Url: https://git.saurik.com/apple/dyld.git/blobdiff_plain/2fd3f4e8fd2c2f2c7d149fbea471d8b3fb56f15a..17a1d27dac9f840f614dcca486e07a34f9380394:/src/dyldNew.cpp

diff --git a/src/dyldNew.cpp b/src/dyldNew.cpp
index bd99cde..cf64f58 100644
--- a/src/dyldNew.cpp
+++ b/src/dyldNew.cpp
@@ -41,7 +41,7 @@ extern "C" void* __dso_handle;
 
 #if __LP64__
 	// room for about ~1000 initial dylibs
-	#define DYLD_POOL_CHUNK_SIZE 224*1024
+	#define DYLD_POOL_CHUNK_SIZE 200*1024
 #else
 	// room for about ~900 initial dylibs
 	#define DYLD_POOL_CHUNK_SIZE 150*1024
@@ -62,12 +62,16 @@ static dyld_static_pool* currentPool = &initialPool;
 
 void* malloc(size_t size)
 {
-	if ( dyld::gLibSystemHelpers != NULL) {
+	if ( (dyld::gLibSystemHelpers != NULL) && dyld::gProcessInfo->libSystemInitialized ) {
 		void* p = dyld::gLibSystemHelpers->malloc(size);
 		//dyld::log("malloc(%lu) => %p from libSystem\n", size, p);
 		return p;
 	}
 	else {
+		if ( size > DYLD_POOL_CHUNK_SIZE ) {
+			dyld::log("dyld malloc overflow: size=%zu\n", size);
+			exit(1);
+		}
 		size = (size+sizeof(void*)-1) & (-sizeof(void*)); // pointer align
 		uint8_t* result = currentPool->current;
 		currentPool->current += size;
@@ -102,8 +106,8 @@ void free(void* ptr)
 	// ignore any pointer within dyld (i.e. stuff from pool or static strings)
 	if ( (dyld::gLibSystemHelpers != NULL) && ((ptr < &__dso_handle) || (ptr >= &initialPoolContent[DYLD_POOL_CHUNK_SIZE])) ) {
 		// ignore stuff in any dynamically alloated dyld pools
-		for (dyld_static_pool* p = initialPool.previousPool; p != NULL; p = p->previousPool) {
-			if ( (p->pool < ptr) && (ptr < p->end) ) {
+		for (dyld_static_pool* p = currentPool; p != NULL; p = p->previousPool) {
+			if ( (p->pool <= ptr) && (ptr < p->end) ) {
 				// do nothing, pool entries can't be reclaimed
 				//dyld::log("free(%p) from dynamic pool\n", ptr);
 				return;
@@ -128,7 +132,13 @@ void* calloc(size_t count, size_t size)
 		return result;
 	}
 	else {
-		return malloc(count*size);
+		// Check for overflow of integer multiplication
+		size_t total = count * size;
+		if ( total/count != size ) {
+			dyld::log("dyld calloc overflow: count=%zu, size=%zu\n", count, size);
+			exit(1);
+		}
+		return malloc(total);
 	}
 }