diff options
author | Jordan Crouse <jordan.crouse@amd.com> | 2008-04-25 23:08:47 +0000 |
---|---|---|
committer | Jordan Crouse <jordan.crouse@amd.com> | 2008-04-25 23:08:47 +0000 |
commit | 24a040475918ad2977a52677f59b10f7ce085afc (patch) | |
tree | 5305fda7cfdfff96c322c715c9c2bb1124b18f97 | |
parent | c781584936361a921a9f1f6b0491341aaae5c2b8 (diff) | |
download | coreboot-24a040475918ad2977a52677f59b10f7ce085afc.tar.xz |
libpayload: Fix malloc allocation
Apparently the previous version worked on luck. Fix the allocation
and add parens to better guide the compiler. Also, halt() if
the heap is poisoned (like by an overrun). Finally, fix calloc()
so that it actually works.
Signed-off-by: Jordan Crouse <jordan.crouse@amd.com>
Acked-by: Peter Stuge <peter@stuge.se>
git-svn-id: svn://svn.coreboot.org/coreboot/trunk@3269 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1
-rw-r--r-- | payloads/libpayload/libc/malloc.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/payloads/libpayload/libc/malloc.c b/payloads/libpayload/libc/malloc.c index e5bfd0650f..fe3d45bab8 100644 --- a/payloads/libpayload/libc/malloc.c +++ b/payloads/libpayload/libc/malloc.c @@ -67,7 +67,8 @@ void print_malloc_map(void); static void setup(void) { - int size = (unsigned int)(_heap - _eheap) - HDRSIZE; + int size = (unsigned int)(&_eheap - &_heap) - HDRSIZE; + *((hdrtype_t *) hstart) = FREE_BLOCK(size); } @@ -91,9 +92,12 @@ static void *alloc(int len) header = *((hdrtype_t *) ptr); int size = SIZE(header); + if (!HAS_MAGIC(header) || size == 0) + halt(); + if (header & FLAG_FREE) { if (len <= size) { - void *nptr = ptr + HDRSIZE + len; + void *nptr = ptr + (HDRSIZE + len); int nsize = size - (len + 8); /* Mark the block as used. */ @@ -102,6 +106,7 @@ static void *alloc(int len) /* If there is still room in this block, * then mark it as such. */ + if (nsize > 0) *((hdrtype_t *) nptr) = FREE_BLOCK(nsize - 4); @@ -184,8 +189,8 @@ void *malloc(size_t size) void *calloc(size_t nmemb, size_t size) { - unsigned int total = (nmemb * size); - void *ptr = alloc(size); + size_t total = nmemb * size; + void *ptr = alloc(total); if (ptr) memset(ptr, 0, total); |