summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJordan Crouse <jordan.crouse@amd.com>2008-04-25 23:08:47 +0000
committerJordan Crouse <jordan.crouse@amd.com>2008-04-25 23:08:47 +0000
commit24a040475918ad2977a52677f59b10f7ce085afc (patch)
tree5305fda7cfdfff96c322c715c9c2bb1124b18f97
parentc781584936361a921a9f1f6b0491341aaae5c2b8 (diff)
downloadcoreboot-24a040475918ad2977a52677f59b10f7ce085afc.tar.xz
libpayload: Fix malloc allocation
Apparently the previous version worked on luck. Fix the allocation and add parens to better guide the compiler. Also, halt() if the heap is poisoned (like by an overrun). Finally, fix calloc() so that it actually works. Signed-off-by: Jordan Crouse <jordan.crouse@amd.com> Acked-by: Peter Stuge <peter@stuge.se> git-svn-id: svn://svn.coreboot.org/coreboot/trunk@3269 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1
-rw-r--r--payloads/libpayload/libc/malloc.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/payloads/libpayload/libc/malloc.c b/payloads/libpayload/libc/malloc.c
index e5bfd0650f..fe3d45bab8 100644
--- a/payloads/libpayload/libc/malloc.c
+++ b/payloads/libpayload/libc/malloc.c
@@ -67,7 +67,8 @@ void print_malloc_map(void);
static void setup(void)
{
- int size = (unsigned int)(_heap - _eheap) - HDRSIZE;
+ int size = (unsigned int)(&_eheap - &_heap) - HDRSIZE;
+
*((hdrtype_t *) hstart) = FREE_BLOCK(size);
}
@@ -91,9 +92,12 @@ static void *alloc(int len)
header = *((hdrtype_t *) ptr);
int size = SIZE(header);
+ if (!HAS_MAGIC(header) || size == 0)
+ halt();
+
if (header & FLAG_FREE) {
if (len <= size) {
- void *nptr = ptr + HDRSIZE + len;
+ void *nptr = ptr + (HDRSIZE + len);
int nsize = size - (len + 8);
/* Mark the block as used. */
@@ -102,6 +106,7 @@ static void *alloc(int len)
/* If there is still room in this block,
* then mark it as such.
*/
+
if (nsize > 0)
*((hdrtype_t *) nptr) =
FREE_BLOCK(nsize - 4);
@@ -184,8 +189,8 @@ void *malloc(size_t size)
void *calloc(size_t nmemb, size_t size)
{
- unsigned int total = (nmemb * size);
- void *ptr = alloc(size);
+ size_t total = nmemb * size;
+ void *ptr = alloc(total);
if (ptr)
memset(ptr, 0, total);