ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

CFSTORE - Fix crashed due to uninit data 

When the config store is powered down area_0_head is freed, but
area_0_len is not set to 0. This causes when cfstore_realloc_ex is
called, since on the first allocation it appears that the config store
size is decreasing, and therefore the data is not initialized.

Since the data is uninitiated various fields such as the reference
can have invalid values. On GCC_ARM built with heap stats enabled
this manifests as a crash due to an invalid reference count.

This patch fixes this problem by setting area_0_len to 0 when the data
is freed.
pull/3035/head
Russ Butler 2016-10-15 21:53:12 -05:00
parent 7bcc63b202
commit de8ce0e43e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
features/storage/FEATURE_STORAGE/cfstore/source/configuration_store.c
View File

@ -4045,6 +4045,7 @@ static int32_t cfstore_uninitialise(void)
CFSTORE_FREE(ctx->area_0_head); CFSTORE_FREE(ctx->area_0_head);
ctx->area_0_head = NULL; ctx->area_0_head = NULL;
ctx->area_0_tail = NULL; ctx->area_0_tail = NULL;
ctx->area_0_len = 0;
} }
} }
out: out: