...
In this non compliant code a struct of type A is allocated on the memory region of s.B. The problem is that A has a member of type unsigned long which on IA32 systems is required to be aligned to 4. However B is an array of unsigned chars inside S and is not aligned to 4. After the call to new, the pointer a is pointing to an unaligned memory address. Writing val into a->i can cause the program to terminate abnormally.
| Code Block | ||
|---|---|---|
| ||
int num = 5; if (num * sizeof(SomeClass) > SIZE_MAX) { /* handle error */ } SomeClass *sc = static_cast<SomeClass*>(malloc(sizeof(SomeClass)*num)); if (sc == NULL) { /* handle error */ } // initialize sc array // ... // destroy sc free(sc); struct A{ unsigned long i; }; struct S{ unsigned char x; unsigned char B[sizeof(A)]; }s; int main() { A *a = new(&s.B[0]) A; unsigned long val = 0xaabbccdd; a->i = val; return (0); } |
Compliant Solution
The following is a compliant solution on a IA32 system using either GCC or Microsoft's Visual Studio. In this solution the macro ALIGN was added to ensure alignment when compiling with both Microsoft VS compiler and g++ . The ALIGN macro calls either _declspec(align(#)) or _attribute_((aligned(#)))) to enforce alignment on a particular variable. In this case it is used on B to make it aligned to 4, which is the alignment restriction for unsigned long.
...