[PATCH 1/5] tlsf_malloc: dummy_malloc: Share code for calloc()

[PATCH 1/5] tlsf_malloc: dummy_malloc: Share code for calloc()

[Andrey Smirnov]

Calloc() implementation for TLSF does not correctly check for malloc()
failure which can result in a NULL pointer exception when trying to
calloc() extra large buffers.

Since both TLSF and dummy malloc implementations of calloc() are
exactly the same, pick implementation for the latter (which does
aforementioned check) and share it between the two.

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
 common/Makefile       |  4 ++--
 common/calloc.c       | 19 +++++++++++++++++++
 common/dummy_malloc.c | 13 -------------
 common/tlsf_malloc.c  | 16 ----------------
 4 files changed, 21 insertions(+), 31 deletions(-)
 create mode 100644 common/calloc.c

diff --git a/common/Makefile b/common/Makefile
index 13920cc5a..861365bd5 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -34,8 +34,8 @@ obj-$(CONFIG_GLOBALVAR)		+= globalvar.o
 obj-$(CONFIG_GREGORIAN_CALENDER) += date.o
 obj-$(CONFIG_KALLSYMS)		+= kallsyms.o
 obj-$(CONFIG_MALLOC_DLMALLOC)	+= dlmalloc.o
-obj-$(CONFIG_MALLOC_TLSF)	+= tlsf_malloc.o tlsf.o
-obj-$(CONFIG_MALLOC_DUMMY)	+= dummy_malloc.o
+obj-$(CONFIG_MALLOC_TLSF)	+= tlsf_malloc.o tlsf.o calloc.o
+obj-$(CONFIG_MALLOC_DUMMY)	+= dummy_malloc.o calloc.o
 obj-$(CONFIG_MEMINFO)		+= meminfo.o
 obj-$(CONFIG_MENU)		+= menu.o
 obj-$(CONFIG_MODULES)		+= module.o
diff --git a/common/calloc.c b/common/calloc.c
new file mode 100644
index 000000000..2b933ec27
--- /dev/null
+++ b/common/calloc.c
@@ -0,0 +1,19 @@
+#include <common.h>
+#include <malloc.h>
+
+/*
+ * calloc calls malloc, then zeroes out the allocated chunk.
+ */
+void *calloc(size_t n, size_t elem_size)
+{
+	size_t size = elem_size * n;
+	void *r = malloc(size);
+
+	if (!r)
+		return r;
+
+	memset(r, 0x0, size);
+
+	return r;
+}
+EXPORT_SYMBOL(calloc);
diff --git a/common/dummy_malloc.c b/common/dummy_malloc.c
index 641baa125..fa4f5d126 100644
--- a/common/dummy_malloc.c
+++ b/common/dummy_malloc.c
@@ -50,16 +50,3 @@ void *realloc(void *ptr, size_t size)
 {
 	BUG();
 }
-
-void *calloc(size_t n, size_t elem_size)
-{
-	size_t size = elem_size * n;
-	void *r = malloc(size);
-
-	if (!r)
-		return r;
-
-	memset(r, 0x0, size);
-
-	return r;
-}
diff --git a/common/tlsf_malloc.c b/common/tlsf_malloc.c
index a3541d825..aa3ab2397 100644
--- a/common/tlsf_malloc.c
+++ b/common/tlsf_malloc.c
@@ -39,22 +39,6 @@ void *malloc(size_t bytes)
 }
 EXPORT_SYMBOL(malloc);
 
-/*
- * calloc calls malloc, then zeroes out the allocated chunk.
- */
-void *calloc(size_t n, size_t elem_size)
-{
-	void *mem;
-	size_t sz;
-
-	sz = n * elem_size;
-	mem = malloc(sz);
-	memset(mem, 0, sz);
-
-	return mem;
-}
-EXPORT_SYMBOL(calloc);
-
 void free(void *mem)
 {
 	tlsf_free(tlsf_mem_pool, mem);
-- 
2.17.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 2/5] dummy_malloc: Make use of PTR_ALIGN

[Andrey Smirnov]

Drop explicit type cast and alignement code in favor of PTR_ALIGN

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
 common/dummy_malloc.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/common/dummy_malloc.c b/common/dummy_malloc.c
index fa4f5d126..ab6712018 100644
--- a/common/dummy_malloc.c
+++ b/common/dummy_malloc.c
@@ -30,11 +30,9 @@ void malloc_stats(void)
 
 void *memalign(size_t alignment, size_t bytes)
 {
-	unsigned long mem = (unsigned long)sbrk(bytes + alignment);
+	void *mem = sbrk(bytes + alignment);
 
-	mem = (mem + alignment) & ~(alignment - 1);
-
-	return (void *)mem;
+	return PTR_ALIGN(mem, alignment);
 }
 
 void *malloc(size_t size)
-- 
2.17.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 3/5] dummy_malloc: Check if sbrk() fails

[Andrey Smirnov]

Add code to check if sbrk() fails as well as setting appropriate
'errno' for users that may rely on it for error reporting.

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
 common/dummy_malloc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/common/dummy_malloc.c b/common/dummy_malloc.c
index ab6712018..0120d9be2 100644
--- a/common/dummy_malloc.c
+++ b/common/dummy_malloc.c
@@ -32,6 +32,11 @@ void *memalign(size_t alignment, size_t bytes)
 {
 	void *mem = sbrk(bytes + alignment);
 
+	if (!mem) {
+		errno = ENOMEM;
+		return NULL;
+	}
+
 	return PTR_ALIGN(mem, alignment);
 }
 
-- 
2.17.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 4/5] tlsf_malloc: Set errno to ENOMEM on failure

[Andrey Smirnov]

Set errno to ENOMEM on failure so that correct error message can be
displayed by users who rely on errno.

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
 common/tlsf_malloc.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/common/tlsf_malloc.c b/common/tlsf_malloc.c
index aa3ab2397..c8900fc6b 100644
--- a/common/tlsf_malloc.c
+++ b/common/tlsf_malloc.c
@@ -28,6 +28,7 @@ extern tlsf_pool tlsf_mem_pool;
 
 void *malloc(size_t bytes)
 {
+	void *mem;
 	/*
 	 * tlsf_malloc returns NULL for zero bytes, we instead want
 	 * to have a valid pointer.
@@ -35,7 +36,11 @@ void *malloc(size_t bytes)
 	if (!bytes)
 		bytes = 1;
 
-	return tlsf_malloc(tlsf_mem_pool, bytes);
+	mem = tlsf_malloc(tlsf_mem_pool, bytes);
+	if (!mem)
+		errno = ENOMEM;
+
+	return mem;
 }
 EXPORT_SYMBOL(malloc);
 
@@ -47,13 +52,21 @@ EXPORT_SYMBOL(free);
 
 void *realloc(void *oldmem, size_t bytes)
 {
-	return tlsf_realloc(tlsf_mem_pool, oldmem, bytes);
+	void *mem = tlsf_realloc(tlsf_mem_pool, oldmem, bytes);
+	if (!mem)
+		errno = ENOMEM;
+
+	return mem;
 }
 EXPORT_SYMBOL(realloc);
 
 void *memalign(size_t alignment, size_t bytes)
 {
-	return tlsf_memalign(tlsf_mem_pool, alignment, bytes);
+	void *mem = tlsf_memalign(tlsf_mem_pool, alignment, bytes);
+	if (!mem)
+		errno = ENOMEM;
+
+	return mem;
 }
 EXPORT_SYMBOL(memalign);
 
-- 
2.17.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 5/5] libfile: Error out if out of memory in read_file_2()

[Andrey Smirnov]

All other error cases in read_file_2() are handled gracefully, so
there shouldn't be any reason not do so for the case of trying to
allocate too much memory. This error path can be easily triggered
with:

barebox_update file-bigger-than-availible-ram.img

Currently this would result in a crash which is not really desirable
from user experience.

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
 lib/libfile.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/libfile.c b/lib/libfile.c
index 39c85b2fc..8f2aed230 100644
--- a/lib/libfile.c
+++ b/lib/libfile.c
@@ -185,7 +185,11 @@ again:
 		goto again;
 	}
 
-	buf = xzalloc(read_size + 1);
+	buf = calloc(read_size + 1, 1);
+	if (!buf) {
+		ret = -ENOMEM;
+		goto err_out;
+	}
 
 	fd = open(filename, O_RDONLY);
 	if (fd < 0) {
-- 
2.17.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 1/5] tlsf_malloc: dummy_malloc: Share code for calloc()

[Sascha Hauer]

On Mon, Oct 15, 2018 at 10:00:17AM -0700, Andrey Smirnov wrote:
> Calloc() implementation for TLSF does not correctly check for malloc()
> failure which can result in a NULL pointer exception when trying to
> calloc() extra large buffers.
> 
> Since both TLSF and dummy malloc implementations of calloc() are
> exactly the same, pick implementation for the latter (which does
> aforementioned check) and share it between the two.
> 

Applied all, thanks

Sascha

> Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
> ---
>  common/Makefile       |  4 ++--
>  common/calloc.c       | 19 +++++++++++++++++++
>  common/dummy_malloc.c | 13 -------------
>  common/tlsf_malloc.c  | 16 ----------------
>  4 files changed, 21 insertions(+), 31 deletions(-)
>  create mode 100644 common/calloc.c
> 
> diff --git a/common/Makefile b/common/Makefile
> index 13920cc5a..861365bd5 100644
> --- a/common/Makefile
> +++ b/common/Makefile
> @@ -34,8 +34,8 @@ obj-$(CONFIG_GLOBALVAR)		+= globalvar.o
>  obj-$(CONFIG_GREGORIAN_CALENDER) += date.o
>  obj-$(CONFIG_KALLSYMS)		+= kallsyms.o
>  obj-$(CONFIG_MALLOC_DLMALLOC)	+= dlmalloc.o
> -obj-$(CONFIG_MALLOC_TLSF)	+= tlsf_malloc.o tlsf.o
> -obj-$(CONFIG_MALLOC_DUMMY)	+= dummy_malloc.o
> +obj-$(CONFIG_MALLOC_TLSF)	+= tlsf_malloc.o tlsf.o calloc.o
> +obj-$(CONFIG_MALLOC_DUMMY)	+= dummy_malloc.o calloc.o
>  obj-$(CONFIG_MEMINFO)		+= meminfo.o
>  obj-$(CONFIG_MENU)		+= menu.o
>  obj-$(CONFIG_MODULES)		+= module.o
> diff --git a/common/calloc.c b/common/calloc.c
> new file mode 100644
> index 000000000..2b933ec27
> --- /dev/null
> +++ b/common/calloc.c
> @@ -0,0 +1,19 @@
> +#include <common.h>
> +#include <malloc.h>
> +
> +/*
> + * calloc calls malloc, then zeroes out the allocated chunk.
> + */
> +void *calloc(size_t n, size_t elem_size)
> +{
> +	size_t size = elem_size * n;
> +	void *r = malloc(size);
> +
> +	if (!r)
> +		return r;
> +
> +	memset(r, 0x0, size);
> +
> +	return r;
> +}
> +EXPORT_SYMBOL(calloc);
> diff --git a/common/dummy_malloc.c b/common/dummy_malloc.c
> index 641baa125..fa4f5d126 100644
> --- a/common/dummy_malloc.c
> +++ b/common/dummy_malloc.c
> @@ -50,16 +50,3 @@ void *realloc(void *ptr, size_t size)
>  {
>  	BUG();
>  }
> -
> -void *calloc(size_t n, size_t elem_size)
> -{
> -	size_t size = elem_size * n;
> -	void *r = malloc(size);
> -
> -	if (!r)
> -		return r;
> -
> -	memset(r, 0x0, size);
> -
> -	return r;
> -}
> diff --git a/common/tlsf_malloc.c b/common/tlsf_malloc.c
> index a3541d825..aa3ab2397 100644
> --- a/common/tlsf_malloc.c
> +++ b/common/tlsf_malloc.c
> @@ -39,22 +39,6 @@ void *malloc(size_t bytes)
>  }
>  EXPORT_SYMBOL(malloc);
>  
> -/*
> - * calloc calls malloc, then zeroes out the allocated chunk.
> - */
> -void *calloc(size_t n, size_t elem_size)
> -{
> -	void *mem;
> -	size_t sz;
> -
> -	sz = n * elem_size;
> -	mem = malloc(sz);
> -	memset(mem, 0, sz);
> -
> -	return mem;
> -}
> -EXPORT_SYMBOL(calloc);
> -
>  void free(void *mem)
>  {
>  	tlsf_free(tlsf_mem_pool, mem);
> -- 
> 2.17.1
> 
> 
> _______________________________________________
> barebox mailing list
> barebox@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox