From mboxrd@z Thu Jan 1 00:00:00 1970 From: Hans de Goede Date: Fri, 4 Mar 2016 09:45:55 +0100 Subject: [U-Boot] [PATCH] malloc: handle free() before gd is set In-Reply-To: <1457079557-31419-1-git-send-email-swarren@wwwdotorg.org> References: <1457079557-31419-1-git-send-email-swarren@wwwdotorg.org> Message-ID: <56D94B43.3020505@redhat.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hi, On 04-03-16 09:19, Stephen Warren wrote: > On at least Ubuntu Xenial, free() can be called before main(). In this > case, U-Boot won't have set gd, so dereferencing it will crash. Check > whether gd is set before using it. > > While at it, apply the same fix to other functions. > > Signed-off-by: Stephen Warren > --- > common/dlmalloc.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/common/dlmalloc.c b/common/dlmalloc.c > index 5ea37dfb6e4c..7453e63d6bf4 100644 > --- a/common/dlmalloc.c > +++ b/common/dlmalloc.c > @@ -2453,7 +2453,7 @@ void fREe(mem) Void_t* mem; > > #ifdef CONFIG_SYS_MALLOC_F_LEN > /* free() is a no-op - all the memory will be freed on relocation */ > - if (!(gd->flags & GD_FLG_FULL_MALLOC_INIT)) > + if (gd && !(gd->flags & GD_FLG_FULL_MALLOC_INIT)) > return; > #endif > I believe you want: + if (!gd || !(gd->flags & GD_FLG_FULL_MALLOC_INIT)) Instead, so that you actually go into the return; path when there is no gd. Regards, Hans > @@ -2609,7 +2609,7 @@ Void_t* rEALLOc(oldmem, bytes) Void_t* oldmem; size_t bytes; > if (oldmem == NULL) return mALLOc(bytes); > > #ifdef CONFIG_SYS_MALLOC_F_LEN > - if (!(gd->flags & GD_FLG_FULL_MALLOC_INIT)) { > + if (gd && !(gd->flags & GD_FLG_FULL_MALLOC_INIT)) { > /* This is harder to support and should not be needed */ > panic("pre-reloc realloc() is not supported"); > } 
> @@ -2985,7 +2985,7 @@ Void_t* cALLOc(n, elem_size) size_t n; size_t elem_size; > else > { > #ifdef CONFIG_SYS_MALLOC_F_LEN > - if (!(gd->flags & GD_FLG_FULL_MALLOC_INIT)) { > + if (gd && !(gd->flags & GD_FLG_FULL_MALLOC_INIT)) { > MALLOC_ZERO(mem, sz); > return mem; > } >
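Review bot: the condition in the fREe hunk (@@ -2453) is inverted relative to the commit message's intent: `gd && !(gd->flags & GD_FLG_FULL_MALLOC_INIT)` evaluates false when gd is NULL, so the early `return;` is skipped and free() continues into the full dlmalloc path, which is exactly the dereference the patch is trying to avoid. As Hans points out, `if (!gd || !(gd->flags & GD_FLG_FULL_MALLOC_INIT))` makes the no-op return cover both the pre-relocation case and the no-gd case.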
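Review bot: the same inversion appears in the rEALLOc hunk (@@ -2609): with `gd && !(...)`, a NULL gd bypasses the `panic("pre-reloc realloc() is not supported");` guard and falls through to the full realloc path that the preceding comment says is not supported. Use `if (!gd || !(gd->flags & GD_FLG_FULL_MALLOC_INIT))` here as well so the unsupported case still fails loudly and deterministically instead of running with an uninitialised allocator state.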
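Review bot: the cALLOc hunk (@@ -2985) has the same problem: `gd && !(...)` means a NULL gd skips the `MALLOC_ZERO(mem, sz); return mem;` branch and instead takes the full-malloc zeroing path below it. Change it to `if (!gd || !(gd->flags & GD_FLG_FULL_MALLOC_INIT))` so the pre-relocation (and pre-gd) path zeroes and returns as intended, consistent with the fix needed in fREe and rEALLOc.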