bugfix(memory): Harden memory manager edge cases#2744
Conversation
|
| Filename | Overview |
|---|---|
| Core/GameEngine/Source/Common/System/GameMemory.cpp | Adds blobCount > 1 guard in releaseEmpties() to preserve the last blob, and adds sized operator delete/operator delete[] overloads routing through TheDynamicMemoryAllocator. |
| Core/GameEngine/Source/Common/System/GameMemoryInit.cpp | Replaces unbounded sscanf with a hardened parseMemoryPoolOverrideLine() that enforces a name-length cap, strtol-based numeric parsing with ERANGE checks, and test-hook gating under MEMORY_MANAGER_HARDENING_TESTS. |
| Core/GameEngine/Source/Common/System/GameMemoryNull.cpp | Adds sized operator delete(void*, size_t) and operator delete[](void*, size_t) stubs that discard the size and forward to free(), matching the real allocator additions. |
| Core/GameEngine/Include/Common/GameMemory.h | Adds userMemoryManagerParsePoolOverrideLineForTest declaration behind MEMORY_MANAGER_HARDENING_TESTS guard for white-box unit testing of the new parser. |
Prompt To Fix All With AI
Fix the following 1 code review issue. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 1
Core/GameEngine/Source/Common/System/GameMemoryInit.cpp:113-121
The `; comment` fast-path check runs before leading whitespace is stripped, so a line like `" ; this is a comment"` will not be caught here. Instead, it falls through to the name-token loop where `";"` gets parsed as the pool name, and only fails later when `strtol` finds no valid integer. The function still returns `false` (no data is corrupted), but the comment-detection intent is defeated. Moving the check to after the whitespace-skip makes the behavior match the documented purpose.
```suggestion
const char* cursor = line;
while (isspace(static_cast<unsigned char>(*cursor)))
++cursor;
if (*cursor == '\0' || *cursor == ';')
return false;
```
Reviews (2): Last reviewed commit: "bugfix(memory): Harden memory manager ed..." | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Prevent MemoryPool::releaseEmpties() from freeing the final blob so fixed-size pools remain allocatable after cleanup. Parse MemoryPools.ini override lines with bounded token handling so malformed or overlong pool names cannot overflow the local buffer or alter defaults accidentally. Add sized scalar and array delete overloads for both real and null memory manager builds so VS2022/C++20 sized deallocation paths free through the same allocator routes as existing unsized deletes. Validation: openspec validate memory-manager-hardening --type change --strict; Release z_gameengine builds for real and null memory-manager configurations.
IbrahimAlzaidi
force-pushed
the
bugfix/memory_manager_hardening
branch
from
53f566d to
2bce9ef
Compare
xezon
left a comment
xezon
left a comment
There was a problem hiding this comment.
If these are 3 isolated fixes/improvements, then they need to go into individual pulls.
| // SYSTEM INCLUDES | ||
| #include <ctype.h> | ||
| #include <errno.h> | ||
| #include <stdlib.h> |
There was a problem hiding this comment.
ctype.h and stdlib.h already come with PreRTS.h
errno.h is maybe already included as well.
2 participants
Prevent MemoryPool::releaseEmpties() from freeing the final blob so fixed-size pools remain allocatable after cleanup.
Parse MemoryPools.ini override lines with bounded token handling so malformed or overlong pool names cannot overflow the local buffer or alter defaults accidentally.
Add sized scalar and array delete overloads for both real and null memory manager builds so VS2022/C++20 sized deallocation paths free through the same allocator routes as existing unsized deletes.