Skip to content

Commit

Permalink
Improve heap2 bounds checking (#224)
Browse files Browse the repository at this point in the history 
* Improve heap bounds checking in pvPortMalloc
  • Loading branch information
@cobusve
cobusve authored Dec 7, 2020
1 parent b5020cb commit c7a9a01
Show file tree
Hide file tree
Showing 4 changed files with 66 additions and 34 deletions.
19 changes: 13 additions & 6 deletions portable/MemMang/heap_1.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
* 1 tab == 4 spaces!
*/


Expand Down Expand Up @@ -72,13 +71,20 @@ void * pvPortMalloc( size_t xWantedSize )
void * pvReturn = NULL;
static uint8_t * pucAlignedHeap = NULL;

/* Ensure that blocks are always aligned to the required number of bytes. */
/* Ensure that blocks are always aligned. */
#if ( portBYTE_ALIGNMENT != 1 )
{
if( xWantedSize & portBYTE_ALIGNMENT_MASK )
{
/* Byte alignment required. */
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
/* Byte alignment required. Check for overflow. */
if ( (xWantedSize + ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) )) > xWantedSize )
{
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
}
else
{
xWantedSize = 0;
}
}
}
#endif
Expand All @@ -91,8 +97,9 @@ void * pvPortMalloc( size_t xWantedSize )
pucAlignedHeap = ( uint8_t * ) ( ( ( portPOINTER_SIZE_TYPE ) & ucHeap[ portBYTE_ALIGNMENT ] ) & ( ~( ( portPOINTER_SIZE_TYPE ) portBYTE_ALIGNMENT_MASK ) ) );
}

/* Check there is enough room left for the allocation. */
if( ( ( xNextFreeByte + xWantedSize ) < configADJUSTED_HEAP_SIZE ) &&
/* Check there is enough room left for the allocation and. */
if( ( xWantedSize > 0 ) && /* valid size */
( ( xNextFreeByte + xWantedSize ) < configADJUSTED_HEAP_SIZE ) &&
( ( xNextFreeByte + xWantedSize ) > xNextFreeByte ) ) /* Check for overflow. */
{
/* Return the next free byte then increment the index past this
Expand Down
24 changes: 17 additions & 7 deletions portable/MemMang/heap_2.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
* 1 tab == 4 spaces!
*/

/*
Expand Down Expand Up @@ -132,21 +131,32 @@ void * pvPortMalloc( size_t xWantedSize )
xHeapHasBeenInitialised = pdTRUE;
}

/* The wanted size is increased so it can contain a BlockLink_t
/* The wanted size must be increased so it can contain a BlockLink_t
* structure in addition to the requested amount of bytes. */
if( xWantedSize > 0 )
if( ( xWantedSize > 0 ) &&
( ( xWantedSize + heapSTRUCT_SIZE ) > xWantedSize ) ) /* Overflow check */
{
xWantedSize += heapSTRUCT_SIZE;

/* Ensure that blocks are always aligned to the required number of bytes. */
if( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) != 0 )
/* Byte alignment required. Check for overflow. */
if( ( xWantedSize + ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) ) )
> xWantedSize )
{
/* Byte alignment required. */
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
configASSERT( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) == 0 );
}
else
{
xWantedSize = 0;
}
}
else
{
xWantedSize = 0;
}

if( ( xWantedSize > 0 ) && ( xWantedSize < configADJUSTED_HEAP_SIZE ) )

if( ( xWantedSize > 0 ) && ( xWantedSize <= xFreeBytesRemaining ) )
{
/* Blocks are stored in byte order - traverse the list from the start
* (smallest) block until one of adequate size is found. */
Expand Down
32 changes: 20 additions & 12 deletions portable/MemMang/heap_4.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,34 +136,42 @@ void * pvPortMalloc( size_t xWantedSize )
* kernel, so it must be free. */
if( ( xWantedSize & xBlockAllocatedBit ) == 0 )
{
/* The wanted size is increased so it can contain a BlockLink_t
/* The wanted size must be increased so it can contain a BlockLink_t
* structure in addition to the requested amount of bytes. */
if( xWantedSize > 0 )
if( ( xWantedSize > 0 ) &&
( ( xWantedSize + xHeapStructSize ) > xWantedSize ) ) /* Overflow check */
{
xWantedSize += xHeapStructSize;

/* Ensure that blocks are always aligned to the required number
* of bytes. */
/* Ensure that blocks are always aligned. */
if( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) != 0x00 )
{
/* Byte alignment required. */
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
configASSERT( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) == 0 );
/* Byte alignment required. Check for overflow. */
if( ( xWantedSize + ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) ) )
> xWantedSize )
{
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
configASSERT( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) == 0 );
}
else
{
xWantedSize = 0;
}
}
else
{
mtCOVERAGE_TEST_MARKER();
}
}
else
}
else
{
mtCOVERAGE_TEST_MARKER();
xWantedSize = 0;
}

if( ( xWantedSize > 0 ) && ( xWantedSize <= xFreeBytesRemaining ) )
{
/* Traverse the list from the start (lowest address) block until
* one of adequate size is found. */
* one of adequate size is found. */
pxPreviousBlock = &xStart;
pxBlock = xStart.pxNextFreeBlock;

Expand All @@ -174,7 +182,7 @@ void * pvPortMalloc( size_t xWantedSize )
}

/* If the end marker was reached then a block of adequate size
* was not found. */
* was not found. */
if( pxBlock != pxEnd )
{
/* Return the memory space pointed to - jumping over the
Expand Down
25 changes: 16 additions & 9 deletions portable/MemMang/heap_5.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
* 1 tab == 4 spaces!
*/

/*
Expand Down Expand Up @@ -150,16 +149,24 @@ void * pvPortMalloc( size_t xWantedSize )
{
/* The wanted size is increased so it can contain a BlockLink_t
* structure in addition to the requested amount of bytes. */
if( xWantedSize > 0 )
if( ( xWantedSize > 0 ) &&
( ( xWantedSize + xHeapStructSize ) > xWantedSize ) ) /* Overflow check */
{
xWantedSize += xHeapStructSize;

/* Ensure that blocks are always aligned to the required number
* of bytes. */
/* Ensure that blocks are always aligned */
if( ( xWantedSize & portBYTE_ALIGNMENT_MASK ) != 0x00 )
{
/* Byte alignment required. */
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
/* Byte alignment required. Check for overflow */
if( ( xWantedSize + ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) ) ) >
xWantedSize )
{
xWantedSize += ( portBYTE_ALIGNMENT - ( xWantedSize & portBYTE_ALIGNMENT_MASK ) );
}
else
{
xWantedSize = 0;
}
}
else
{
Expand All @@ -168,13 +175,13 @@ void * pvPortMalloc( size_t xWantedSize )
}
else
{
mtCOVERAGE_TEST_MARKER();
xWantedSize = 0;
}

if( ( xWantedSize > 0 ) && ( xWantedSize <= xFreeBytesRemaining ) )
{
/* Traverse the list from the start (lowest address) block until
* one of adequate size is found. */
* one of adequate size is found. */
pxPreviousBlock = &xStart;
pxBlock = xStart.pxNextFreeBlock;

Expand All @@ -185,7 +192,7 @@ void * pvPortMalloc( size_t xWantedSize )
}

/* If the end marker was reached then a block of adequate size
* was not found. */
* was not found. */
if( pxBlock != pxEnd )
{
/* Return the memory space pointed to - jumping over the
Expand Down

0 comments on commit c7a9a01

Please sign in to comment.