"Das U-Boot" Source Tree
common/spl: improve error handling in spl_fit

This fixes a possible NULL pointer dereference.

There is also a risk of memory leaking within the same portion of code.
The leak will happen if loaded image is bad or damaged. In this case
u-boot-spl will try booting from the other available media. Unfortunately
resources allocated for previous boot media will NOT be freed.

We can't fix that issue as the memory allocation mechanism used here
is unknown. It can be different kinds of malloc() or something else.

To somewhat reduce memory consumption, one can try to reuse previously
allocated memory as it's done in board_spl_fit_buffer_addr() from
test/image/spl_load.c.

The corresponding comment was put to the code as well.

Signed-off-by: Mikhail Kshevetskiy <mikhail.kshevetskiy@iopsys.eu>
Reviewed-by: Anshul Dalal <anshuld@ti.com>

authored by Mikhail Kshevetskiy and committed by Tom Rini
8bb9c275 3eb43c54

+39 -1
common/spl/spl_fit.c
··· 703 703 */ 704 704 size = get_aligned_image_size(info, size, 0); 705 705 buf = board_spl_fit_buffer_addr(size, size, 1); 706 + if (!buf) { 707 + /* 708 + * We assume that none of the board will ever use 0x0 as a 709 + * valid load address. Theoretically some board could use it, 710 + * but this is extremely unlikely. 711 + */ 712 + return -EIO; 713 + } 706 714 707 715 count = info->read(info, offset, size, buf); 716 + if (!count) { 717 + /* 718 + * FIT could not be read. This means we should free the 719 + * memory allocated by board_spl_fit_buffer_addr(). 720 + * Unfortunately, we don't know what memory allocation 721 + * mechanism was used: 722 + * - For the SPL_SYS_MALLOC_SIMPLE case nothing could 723 + * be done. The memory just could not be freed. 724 + * - For statically allocated memory buffer we can try 725 + * to reuse previously allocated memory (example: 726 + * board_spl_fit_buffer_addr() function from the 727 + * file test/image/spl_load.c). 728 + * - For normall malloc() -- memory leak can't be easily 729 + * avoided. To somehow reduce memory consumption the 730 + * next calls of board_spl_fit_buffer_addr() could 731 + * reallocate previously allocated buffer and use 732 + * them again. This is somethat similar to the approach 733 + * used for statically allocated buffer. 734 + * 735 + * Please note: 736 + * - FIT images with data placed outside of the FIT 737 + * structure will cause small memory leak (several 738 + * kilobytes), 739 + * - FIT images with data placed inside to the FIT 740 + * structure may cause huge memory leak (up to 741 + * several megabytes). Do NOT use such images! 742 + */ 743 + return -EIO; 744 + } 745 + 708 746 ctx->fit = buf; 709 747 debug("fit read offset %lx, size=%lu, dst=%p, count=%lu\n", 710 748 offset, size, buf, count); 711 749 712 - return (count == 0) ? -EIO : 0; 750 + return 0; 713 751 } 714 752 715 753 static int spl_simple_fit_parse(struct spl_fit_info *ctx)
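
Review bot: Both new failure branches, `if (!buf)` and `if (!count)`, return -EIO before the `debug("fit read offset ...")` call, so a failed load no longer logs the offset, size or buffer involved, and the caller cannot tell a missing buffer from a failed read. Consider a short debug() line in each branch and a distinct code such as -ENOMEM for the NULL buffer case. The `!count` test only rejects a zero return; if `info->read` can return a short non-zero count, that path still reaches `ctx->fit = buf` and `return 0`, so it is worth checking whether the result should be compared against the expected count. The comment also has two typos ("normall", "somethat"), and the guidance on buffer reuse would be easier to find as documentation on board_spl_fit_buffer_addr() than inside an error path.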