From 4a61f9ff7e2ad058c578952e2a615a123dadeba2 Mon Sep 17 00:00:00 2001
From: David Chalco <59750547+dachalco@users.noreply.github.com>
Date: Tue, 30 Jun 2020 11:03:30 -0700
Subject: [PATCH] Improvement to O.F. protections (#75)

* Added protection for xQueueGenericCreate
* prevent eventual invalid state change from int8 overflow
* Append period at end of comment. To be consistent with file.
* check operand, not destination
* parantheses -- to not show assumptive precendence
* Per request, less dependence on stdint by defining and checking against queueINT8_MAX instead
---
 queue.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/queue.c b/queue.c
index b30d21215..f980c7f52 100644
--- a/queue.c
+++ b/queue.c
@@ -51,6 +51,7 @@ correct privileged Vs unprivileged linkage and placement. */
 /* Constants used with the cRxLock and cTxLock structure members. */
 #define queueUNLOCKED ( ( int8_t ) -1 )
 #define queueLOCKED_UNMODIFIED ( ( int8_t ) 0 )
+#define queueINT8_MAX ( ( int8_t ) 127 )
 /* When the Queue_t structure is used to represent a base queue its pcHead and pcTail members are used as pointers into the queue storage area. When the
@@ -378,6 +379,9 @@ Queue_t * const pxQueue = xQueue;
 zero in the case the queue is used as a semaphore. */
 xQueueSizeInBytes = ( size_t ) ( uxQueueLength * uxItemSize ); /*lint !e961 MISRA exception as the casts are only redundant for some ports. */
+ /* Check for multiplication overflow. */
+ configASSERT( ( uxItemSize == 0 ) || ( uxQueueLength == ( xQueueSizeInBytes / uxItemSize ) ) );
+
 /* Allocate the queue and storage area. Justification for MISRA deviation as follows: pvPortMalloc() always ensures returned memory blocks are aligned per the requirements of the MCU stack. In this case
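Review bot: The new configASSERT in the -378 hunk guards only the product uxQueueLength * uxItemSize; if, as the following "Allocate the queue and storage area" comment suggests, the allocation that comes after this hunk adds sizeof( Queue_t ) to xQueueSizeInBytes, that addition can still wrap for a product just below the size_t limit and is not covered. A second assert after the existing one would close that gap, for example `configASSERT( xQueueSizeInBytes <= ( ( size_t ) -1 ) - sizeof( Queue_t ) );`, adjusted to whatever the allocation actually adds. Since configASSERT is a configuration hook that may be compiled out, the comment above the check should also say that in such builds the wrapped size is used as-is, e.g. `/* Check for multiplication overflow; only effective when configASSERT() is defined. */`. The body of xQueueGenericCreate begins before and continues after this hunk.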
@@ -1092,6 +1096,8 @@ Queue_t * const pxQueue = xQueue;
 {
 /* Increment the lock count so the task that unlocks the queue knows that data was posted while it was locked. */
+ configASSERT( cTxLock != queueINT8_MAX);
+
 pxQueue->cTxLock = ( int8_t ) ( cTxLock + 1 );
 }
@@ -1257,6 +1263,8 @@ Queue_t * const pxQueue = xQueue;
 {
 /* Increment the lock count so the task that unlocks the queue knows that data was posted while it was locked. */
+ configASSERT( cTxLock != queueINT8_MAX);
+
 pxQueue->cTxLock = ( int8_t ) ( cTxLock + 1 );
 }
@@ -1856,6 +1864,8 @@ Queue_t * const pxQueue = xQueue;
 {
 /* Increment the lock count so the task that unlocks the queue knows that data was removed while it was locked. */
+ configASSERT( cRxLock != queueINT8_MAX);
+
 pxQueue->cRxLock = ( int8_t ) ( cRxLock + 1 );
 }
@@ -2919,6 +2929,8 @@ Queue_t * const pxQueue = xQueue;
 }
 else
 {
+ configASSERT( cTxLock != queueINT8_MAX);
+
 pxQueueSetContainer->cTxLock = ( int8_t ) ( cTxLock + 1 );
 }
 }
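Review bot: `configASSERT( cTxLock != queueINT8_MAX);` in the -1092 hunk drops the space before the closing parenthesis that the configASSERT added at -378 carries, and the same form is repeated in the hunks at -1257, -1856 and -2919; write `configASSERT( cTxLock != queueINT8_MAX );` (and `cRxLock` at -1856) so all five read alike. None of the four asserts says what it protects: at 127 the following `( int8_t ) ( cTxLock + 1 )` converts 128 to int8_t, which is implementation-defined and on two's-complement targets yields -128, a negative count below the queueLOCKED_UNMODIFIED value of 0, so a one-line `/* The lock count is an int8_t; incrementing past queueINT8_MAX would make it negative. */` above each assert would record the reason. Because configASSERT can be compiled out, these remain debug-build guards and the increment proceeds unchecked otherwise. The enclosing functions begin and end outside all four hunks.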