Bug 47107

GemStone/S 64 Bit

3.3.9, 3.3.8, 3.3.7, 3.3.6, 3.3.5, 3.3.4, 3.3.3, 3.3.1, 3.3, earlier versions

3.4

Risk of SEGV when accessing hidden classes, such as done by CanonicalObjectManager

Sending a message to the result of the private primitive method Object >> _primitiveAt: risks a SEGV when it is used with instances of the internal, hidden classes LargeObjectNode or NscNode that compose a large byte-based object. The risk further depends on the bit patterns of the object.

Instances of internal, hidden classes are normally not accessible from the Smalltalk image, but may be returned by maintenance methods, such as the contents of system sets, find references, System >> _writtenObjects, etc.

The Object Canonicalization Framework performs some low-level accesses, and is exposed to this bug.

Workaround

Code that sends _primitiveAt: is expected to check the size using _primitiveSize and not invoke _primitiveAt: for indexes outside that range. Overriding _primitiveSize for the NscNode and LargeObjectNode internal classes avoids problems when the result of _primitiveSize is used to iterate with _primitiveAt:, as in CanonicalObjectManager.

This code must be executed as SystemUser.

! Topaz input, run as SystemUser. Each method: @<oop> compiles the method
! on the hidden class identified by that OOP (NscNode and LargeObjectNode),
! so _primitiveSize answers 0 and callers that bound their _primitiveAt:
! loop by _primitiveSize never touch the node's slots.
method: @211969
_primitiveSize
 ^ 0
%
method: @209409
_primitiveSize
 ^ 0
%
commit
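The calling convention the workaround relies on, as an added example that is not part of this bug note or of GemStone's own code: a walk over an object's slots that is bounded by _primitiveSize, so an overridden _primitiveSize of 0 makes the walk a no-op. The slotsOf block and the sample Array are constructed for illustration.

```smalltalk
"Added example, not from the bug note. Assumes only the private primitives
 Object >> _primitiveSize and Object >> _primitiveAt: described above."
| slotsOf sample |
slotsOf := [:anObject |
    "Bound the loop by _primitiveSize so that _primitiveAt: is never sent
     with an out-of-range index. For a hidden NscNode or LargeObjectNode
     whose _primitiveSize has been overridden to 0, the Interval is empty
     and no slot is ever read."
    (1 to: anObject _primitiveSize) collect: [:i | anObject _primitiveAt: i]].
sample := Array with: 1 with: 'two' with: #three.   "constructed input"
slotsOf value: sample.
```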


Last updated: 8/17/17