diff options
| author | William Wilgus <me.theuser@yahoo.com> | 2020-06-27 23:32:45 -0400 |
|---|---|---|
| committer | William Wilgus <me.theuser@yahoo.com> | 2020-07-15 13:29:21 +0000 |
| commit | 8577d5aea360f9925c1dda77b11f49967b601525 (patch) | |
| tree | 16e18228321851a1c4874416013354ada3424405 | |
| parent | 7d005335ba1af1eef4db83f9a0ebec121d38be80 (diff) | |
| download | rockbox-8577d5a.tar.gz rockbox-8577d5a.zip | |
Buflib_init Bugfix Minsize
when buflib_init is called with a buffer smaller than
sizeof(union buflib_data); size will be zero
Later when the alloc fails buflib will keep try to free items
in order to satisify the request this crashes in the sim
I suspect this behavior holds true on device as well
but I havent verified this as of yet.
patch adds minimal overhead to the buflib and panics when the size is too small
Change-Id: I46e510367fc1cac19ce01ee6f92d8cf0d65ef914
| -rw-r--r-- | firmware/buflib.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/firmware/buflib.c b/firmware/buflib.c index f909ab8333..0e90e7fe72 100644 --- a/firmware/buflib.c +++ b/firmware/buflib.c @@ -123,6 +123,12 @@ buflib_init(struct buflib_context *ctx, void *buf, size_t size) */ ctx->alloc_end = bd_buf; ctx->compact = true; + + if (size == 0) + { + BPANICF("buflib_init error (CTX:%p, %zd bytes):\n", ctx, + (ctx->handle_table - ctx->buf_start) * sizeof(union buflib_data)); + } } bool buflib_context_relocate(struct buflib_context *ctx, void *buf) |