[U-Boot] [PATCH] Prevent malloc with size 0
Joakim Tjernlund
joakim.tjernlund at transmode.se
Tue Oct 16 11:22:04 CEST 2012
Marek Vasut <marex at denx.de> wrote on 2012/10/16 08:31:20:
>
> Dear Graeme Russ,
>
> > On 04/03/2012 09:35 AM, Graeme Russ wrote:
> > > Hi Jocke
> > >
> > > And I really need to check, but I have a sneaking suspicion that as the
> > > code currently stands in U-Boot/x86 dereferencing a NULL pointer won't
> > > cause an exception. In x86, U-Boot configures all protected mode segments
> > > to be 4GB starting at physical address 0x00000000 with no virtual address
> > > translation. Accessing physical address 0x00000000 is just as valid as
> > > accessing 0x00000001 (or any other address).
> > >
> > > Now if I set segments to start at 0x00000002 then I can trap a
> > > segmentation fault for accesses to 0x00000000 (NULL) and 0x00000001
> > > (malloc(0) pointer)
> > >
> > > That will mean that U-Boot cannot ever access those two bytes of memory,
> > > but I doubt that I would ever want to. And I will need to set the
> > > segments to base address 0x00000000 before jumping into Linux...
> >
> > OK, this is not as easy as it sounds. Detecting NULL pointer dereferences
> > will involve enabling paging[1] which is something I really do not want to
> > do in U-Boot. Flat Protected Mode with a 4GB linear map is perfectly fit
> > for purpose, and that is how the Linux kernel expects things to be
> > configured so it will be a major PITA to change.
> >
> > In short, returning non-NULL from malloc(0) and expecting a CPU exception
> > when it is de-referenced is not going to fly.
> >
> > If we choose this path, at least put a debug() statement in to warn when
> > malloc(0) is called.
> >
> > Regards,
> >
> > Graeme
> >
> > [1] Apparently the way to do it is to reserve the entire first 4kB page and
> > mark it as 'not-present' so any access causes a page-fault.
>
> Ok, I don't mean to reopen this can of worms again ... but what're we going to
> do about this patch?

Skip the idea to protect a page, this is too complicated for a boot loader. Just
treat malloc(0) as malloc(1) internally.
Jocke
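The behaviour Jocke proposes, as an added example that is not U-Boot's own code: a front-end to the allocator that bumps a zero-size request to one byte so callers always get a usable, distinct pointer, and warns through a debug() stand-in as Graeme asked. The names boot_malloc, boot_malloc_zero_count and the debug() macro are assumptions for this example, not U-Boot identifiers.

```c
#include <stdio.h>
#include <stdlib.h>

/* Added example, not U-Boot code. debug() here is a stand-in that writes
 * to stderr; the real U-Boot debug() macro is compiled out unless DEBUG
 * is defined, which is exactly why it is a cheap place for this warning. */
#define debug(...) fprintf(stderr, __VA_ARGS__)

/* Hypothetical counter so the wrapper's decision is observable in tests. */
static unsigned long zero_size_requests;

/* malloc front-end following the thread's proposal: treat malloc(0) as
 * malloc(1) internally instead of relying on a CPU exception when the
 * caller dereferences the result (which flat protected mode cannot give). */
void *boot_malloc(size_t size)
{
    if (size == 0) {
        zero_size_requests++;
        debug("malloc(0) called; treating as malloc(1)\n");
        size = 1;
    }
    return malloc(size);
}

unsigned long boot_malloc_zero_count(void)
{
    return zero_size_requests;
}

/* Demonstrates the properties the wrapper guarantees on a healthy heap:
 * a zero-size request never returns NULL (so it is not mistaken for an
 * out-of-memory condition), two such requests yield distinct blocks, and
 * writing one byte through the pointer is legal because the request was
 * bumped to 1. Returns 1 on success, 0 on failure. */
int demo_zero_size_behaviour(void)
{
    char *a = boot_malloc(0);
    char *b = boot_malloc(0);
    int ok = (a != NULL) && (b != NULL) && (a != b);

    if (ok) {
        a[0] = 'x';
        b[0] = 'y';
        ok = (a[0] == 'x') && (b[0] == 'y');
    }
    free(a);
    free(b);
    return ok;
}

int main(void)
{
    int ok = demo_zero_size_behaviour();
    printf("malloc(0) handling %s, %lu zero-size request(s) seen\n",
           ok ? "ok" : "FAILED", boot_malloc_zero_count());
    return ok ? 0 : 1;
}
```

Without the bump, the C standard lets malloc(0) return either NULL or a unique pointer that must not be dereferenced, so callers that check for NULL and callers that assume a usable byte cannot both be right; forcing a one-byte allocation makes the behaviour the same on every platform U-Boot runs on.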