CloudEdge/FreeRTOS-Kernel
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix NULL pointer dereference in vPortGetHeapStats

Browse Source 
When the heap is exhausted (no free block), start and end markers are
the only blocks present in the free block list:

     +---------------+     +-----------> NULL
     |               |     |
     |               V     |
+ ----- +            + ----- +
|   |   |            |   |   |
|   |   |            |   |   |
+ ----- +            + ----- +
  xStart               pxEnd

The code block which traverses the list of free blocks to calculate heap
stats used a do..while loop that moved past the end marker when the heap
had no free block resulting in a NULL pointer dereference. This commit
changes the do..while loop to while loop thereby ensuring that we never
move past the end marker.

This was reported here - https://github.com/FreeRTOS/FreeRTOS-Kernel/issues/534

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
This commit is contained in:
Gaurav Aggarwal 2022-08-04 16:41:33 +05:30 committed by Paul Bartell
parent dc9c034c85
commit 618e165fa7
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
portable/MemMang/heap_4.c
View File

@ -494,7 +494,7 @@ void vPortGetHeapStats( HeapStats_t * pxHeapStats )
* is initialised automatically when the first allocation is made. */ * is initialised automatically when the first allocation is made. */
if( pxBlock != NULL ) if( pxBlock != NULL )
{ {
do while( pxBlock != pxEnd )
{ {
/* Increment the number of blocks and record the largest block seen /* Increment the number of blocks and record the largest block seen
* so far. */ * so far. */
@ -513,7 +513,7 @@ void vPortGetHeapStats( HeapStats_t * pxHeapStats )
/* Move to the next block in the chain until the last block is /* Move to the next block in the chain until the last block is
* reached. */ * reached. */
pxBlock = pxBlock->pxNextFreeBlock; pxBlock = pxBlock->pxNextFreeBlock;
} while( pxBlock != pxEnd ); }
} }
} }
( void ) xTaskResumeAll(); ( void ) xTaskResumeAll();

4
portable/MemMang/heap_5.c
View File

@ -544,7 +544,7 @@ void vPortGetHeapStats( HeapStats_t * pxHeapStats )
* is initialised automatically when the first allocation is made. */ * is initialised automatically when the first allocation is made. */
if( pxBlock != NULL ) if( pxBlock != NULL )
{ {
do while( pxBlock != pxEnd )
{ {
/* Increment the number of blocks and record the largest block seen /* Increment the number of blocks and record the largest block seen
* so far. */ * so far. */
@ -569,7 +569,7 @@ void vPortGetHeapStats( HeapStats_t * pxHeapStats )
/* Move to the next block in the chain until the last block is /* Move to the next block in the chain until the last block is
* reached. */ * reached. */
pxBlock = pxBlock->pxNextFreeBlock; pxBlock = pxBlock->pxNextFreeBlock;
} while( pxBlock != pxEnd ); }
} }
} }
( void ) xTaskResumeAll(); ( void ) xTaskResumeAll();