Skip to content

Commit aeed361

Browse files
shichunmaxiaoxiang781216
authored andcommitted
mm/gran: reject pools with too many granules
struct gran_s and struct graninfo_s store granule counts in uint16_t. Reject pools whose computed granule count exceeds UINT16_MAX, instead of truncating the count and creating an invalid handle. Signed-off-by: shichunma <shichunma@bestechnic.com>
1 parent 0f4f53f commit aeed361

1 file changed

Lines changed: 8 additions & 0 deletions

File tree

mm/mm_gran/mm_graninit.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,14 @@ GRAN_HANDLE gran_initialize(FAR void *heapstart, size_t heapsize,
124124
alignedsize = (heapend - alignedstart) & ~mask;
125125
ngranules = alignedsize >> log2gran;
126126

127+
/* Reject oversized pools. */
128+
129+
DEBUGASSERT(ngranules > 0 && ngranules <= UINT16_MAX);
130+
if (ngranules == 0 || ngranules > UINT16_MAX)
131+
{
132+
return NULL;
133+
}
134+
127135
/* Allocate the information structure with a granule table of the
128136
* correct size.
129137
*/

0 commit comments

Comments
 (0)