diff options
author | Christoph Müllner <christoph.muellner@theobroma-systems.com> | 2019-05-05 20:37:51 +0200 |
---|---|---|
committer | Heiko Stuebner <heiko@sntech.de> | 2019-08-11 11:26:41 +0200 |
commit | b139d57761c6eb745e9f957b3f1f1955bf3652f2 (patch) | |
tree | 1f869eb832a6a4125a32a0bf68ccfe6c3d2776b7 | |
parent | 733522c1443489b8038c93ea6a2ff89fbe413b3b (diff) |
malloc-simple: Hang if alloc space is exhausted.
In general code should check if calls to malloc() return NULL.
Additionally functions should check return values for errors.
However, that's not mandatory. There is quite some code in U-Boot,
which does not check results of invocations and silently ingores
them. Most likely this is caused by developers, which don't see
how a certain code could ever fail. But they don't see that code
can and will change in future and break previously valid assumptions.
This patch protects from writing to NULL, by introducing an endless
loop in case the alloc space is exhausted.
Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com>
-rw-r--r-- | common/malloc_simple.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/common/malloc_simple.c b/common/malloc_simple.c index 2467e636eb..56f729fae2 100644 --- a/common/malloc_simple.c +++ b/common/malloc_simple.c @@ -23,6 +23,7 @@ static void *alloc_simple(size_t bytes, int align) gd->malloc_limit); if (new_ptr > gd->malloc_limit) { pr_err("alloc space exhausted\n"); + for (;;); return NULL; } |