Fix memory access check for fast string interning.

author: Mike Pall <mike> 2013-02-21 16:22:26 +0100
committer: Mike Pall <mike> 2013-02-21 16:22:26 +0100
commit: d4bc6ab756371b744f3e0030d5cf0b24bffdf24c (patch)
tree: 1d1c523f72448a8655f8a641022043d7a6cdda82 /src
parent: e7633dba1e446763454a7969ce7e27139debc6cd (diff)
download: luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.tar.gz
luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.tar.bz2
luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lj_str.c b/src/lj_str.c
index e63d8628..6548ee4d 100644
--- a/src/lj_str.c
+++ b/src/lj_str.c
@@ -48,7 +48,7 @@ static LJ_AINLINE int str_fastcmp(const char *a, const char *b, MSize len)
 {
  MSize i = 0;
  lua_assert(len > 0);
-  lua_assert((((uintptr_t)a + len) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4);
+  lua_assert((((uintptr_t)a+len-1) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4);
  do {  /* Note: innocuous access up to end of string + 3. */
    uint32_t v = lj_getu32(a+i) ^ *(const uint32_t *)(b+i);
    if (v) {
@@ -121,7 +121,7 @@ GCstr *lj_str_new(lua_State *L, const char *str, size_t lenx)
  h ^= b; h -= lj_rol(b, 16);
  /* Check if the string has already been interned. */
  o = gcref(g->strhash[h & g->strmask]);
-  if (LJ_LIKELY((((uintptr_t)str + len) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4)) {
+  if (LJ_LIKELY((((uintptr_t)str+len-1) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4)) {
    while (o != NULL) {
      GCstr *sx = gco2str(o);
      if (sx->len == len && str_fastcmp(str, strdata(sx), len) == 0) {
author	Mike Pall <mike>	2013-02-21 16:22:26 +0100
committer	Mike Pall <mike>	2013-02-21 16:22:26 +0100
commit	d4bc6ab756371b744f3e0030d5cf0b24bffdf24c (patch)
tree	1d1c523f72448a8655f8a641022043d7a6cdda82 /src
parent	e7633dba1e446763454a7969ce7e27139debc6cd (diff)
download	luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.tar.gz luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.tar.bz2 luajit-d4bc6ab756371b744f3e0030d5cf0b24bffdf24c.zip

diff --git a/src/lj_str.c b/src/lj_str.c index e63d8628..6548ee4d 100644 --- a/src/lj_str.c +++ b/src/lj_str.c
@@ -48,7 +48,7 @@ static LJ_AINLINE int str_fastcmp(const char a, const char b, MSize len)
48	{	48	{
49	MSize i = 0;	49	MSize i = 0;
50	lua_assert(len > 0);	50	lua_assert(len > 0);
51	lua_assert((((uintptr_t)a + len) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4);	51	lua_assert((((uintptr_t)a+len-1) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4);
52	do { /* Note: innocuous access up to end of string + 3. */	52	do { /* Note: innocuous access up to end of string + 3. */
53	uint32_t v = lj_getu32(a+i) ^ (const uint32_t )(b+i);	53	uint32_t v = lj_getu32(a+i) ^ (const uint32_t )(b+i);
54	if (v) {	54	if (v) {
@@ -121,7 +121,7 @@ GCstr lj_str_new(lua_State L, const char *str, size_t lenx)
121	h ^= b; h -= lj_rol(b, 16);	121	h ^= b; h -= lj_rol(b, 16);
122	/* Check if the string has already been interned. */	122	/* Check if the string has already been interned. */
123	o = gcref(g->strhash[h & g->strmask]);	123	o = gcref(g->strhash[h & g->strmask]);
124	if (LJ_LIKELY((((uintptr_t)str + len) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4)) {	124	if (LJ_LIKELY((((uintptr_t)str+len-1) & (LJ_PAGESIZE-1)) <= LJ_PAGESIZE-4)) {
125	while (o != NULL) {	125	while (o != NULL) {
126	GCstr *sx = gco2str(o);	126	GCstr *sx = gco2str(o);
127	if (sx->len == len && str_fastcmp(str, strdata(sx), len) == 0) {	127	if (sx->len == len && str_fastcmp(str, strdata(sx), len) == 0) {