Fix realloc by updating the stored Layout. Previously the old Layout was copied over but not updated to account for the new size, resulting in all kinds of UB and memory corruption

ludfjig · ludfjig · commit 6458d472efc4 · 2024-12-02T23:55:05.000Z
Signed-off-by: Ludvig Liljenberg &lt;lliljenberg@microsoft.com&gt;
diff --git a/src/hyperlight_guest/src/memory.rs b/src/hyperlight_guest/src/memory.rs
@@ -88,8 +88,8 @@ pub extern "C" fn hlrealloc(ptr: *mut c_void, size: usize) -> *mut c_void {
             // Realloc failed
             abort_with_code(ErrorCode::MallocFailed as i32);
         } else {
-            // Return the pointer just after the layout information
-            // since old layout should still as it would have been copied
+            // Update the stored Layout, then return ptr to memory right after the Layout.
+            new_block_start.write(new_layout);
             new_block_start.add(1) as *mut c_void
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -88,8 +88,8 @@ pub extern "C" fn hlrealloc(ptr: mut c_void, size: usize) -> mut c_void {`
`88`	`88`	`// Realloc failed`
`89`	`89`	`abort_with_code(ErrorCode::MallocFailed as i32);`
`90`	`90`	`} else {`
`91`		`- // Return the pointer just after the layout information`
`92`		`- // since old layout should still as it would have been copied`
	`91`	`+ // Update the stored Layout, then return ptr to memory right after the Layout.`
	`92`	`+ new_block_start.write(new_layout);`
`93`	`93`	`new_block_start.add(1) as *mut c_void`
`94`	`94`	`}`
`95`	`95`	`}`