From d05b9c123f2bf9090bce386a244fc934ae44db5b Mon Sep 17 00:00:00 2001
From: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
Date: Mon, 7 Dec 2020 11:07:31 -0800
Subject: [PATCH 1/2] Add addition overflow check for stream buffer (#226)
---
 stream_buffer.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/stream_buffer.c b/stream_buffer.c
index 03cfc0615..fec03a781 100644
--- a/stream_buffer.c
+++ b/stream_buffer.c
@@ -258,8 +258,16 @@ static void prvInitialiseNewStreamBuffer( StreamBuffer_t * const pxStreamBuffer,
 * this is a quirk of the implementation that means otherwise the free
 * space would be reported as one byte smaller than would be logically
 * expected. */
- xBufferSizeBytes++;
- pucAllocatedMemory = ( uint8_t * ) pvPortMalloc( xBufferSizeBytes + sizeof( StreamBuffer_t ) ); /*lint !e9079 malloc() only returns void*. */
+ if( xBufferSizeBytes < ( xBufferSizeBytes + 1 + sizeof( StreamBuffer_t ) ) )
+ {
+ xBufferSizeBytes++;
+ pucAllocatedMemory = ( uint8_t * ) pvPortMalloc( xBufferSizeBytes + sizeof( StreamBuffer_t ) ); /*lint !e9079 malloc() only returns void*. */
+ }
+ else
+ {
+ pucAllocatedMemory = NULL;
+ }
+
 if( pucAllocatedMemory != NULL )
 {
From 47338393f1f79558f6144213409f09f81d7c4837 Mon Sep 17 00:00:00 2001
From: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
Date: Mon, 7 Dec 2020 11:48:51 -0800
Subject: [PATCH 2/2] add assert for addition overflow on queue creation (#225)
---
 queue.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/queue.c b/queue.c
index d2e27e55a..b01dfd11f 100644
--- a/queue.c
+++ b/queue.c
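Review bot: The new guard `if( xBufferSizeBytes < ( xBufferSizeBytes + 1 + sizeof( StreamBuffer_t ) ) )` carries no comment and silently turns a wrapped size into a NULL handle, so a caller cannot distinguish an impossible size argument from an out-of-memory condition, whereas the companion queue.c patch in this series both documents and asserts the same condition. I would add `/* Check for addition overflow. */` above the `if` and a `configASSERT( xBufferSizeBytes < ( xBufferSizeBytes + 1 + sizeof( StreamBuffer_t ) ) );` immediately before it, so the programming error is visible in debug builds while the NULL path still protects builds where configASSERT is compiled out. The wrap-around test is only well-defined if xBufferSizeBytes is an unsigned type (presumably size_t, but the parameter declaration is outside the hunk); on a signed type the compiler may fold `a < a + k` to true and remove the check entirely, which is worth stating in the comment. The enclosing function starts and ends outside the hunk.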
@@ -397,6 +397,9 @@ BaseType_t xQueueGenericReset( QueueHandle_t xQueue,
 /* Check for multiplication overflow. */
 configASSERT( ( uxItemSize == 0 ) || ( uxQueueLength == ( xQueueSizeInBytes / uxItemSize ) ) );
+ /* Check for addition overflow. */
+ configASSERT( ( sizeof( Queue_t ) + xQueueSizeInBytes ) > xQueueSizeInBytes );
+
 /* Allocate the queue and storage area. Justification for MISRA
 * deviation as follows: pvPortMalloc() always ensures returned memory
 * blocks are aligned per the requirements of the MCU stack. In this case
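Review bot: The added `configASSERT( ( sizeof( Queue_t ) + xQueueSizeInBytes ) > xQueueSizeInBytes );` is the only protection against a wrapped size, so in a build where configASSERT expands to nothing the allocation below (outside the hunk) proceeds with the wrapped value and the queue storage would be undersized; the first patch in this series guards the equivalent stream-buffer case with a runtime `if`/`else` that survives such builds. Consider adding the same runtime fallback here, e.g. `if( ( sizeof( Queue_t ) + xQueueSizeInBytes ) <= xQueueSizeInBytes ) { return NULL; }` after the assert, checked against the enclosing function's actual return type since its signature lies outside the hunk. Like the multiplication check just above it, the test relies on xQueueSizeInBytes being unsigned so that the addition wraps instead of invoking undefined behaviour; the comment should say so, e.g. `/* Check for addition overflow (relies on size_t wrap-around). */`. The enclosing function starts and ends outside the hunk.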