From de9b7d712bf5da6593386fd4fbca0d5f8b8431d8 Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Fri, 1 Jun 2018 07:04:45 +0200 Subject: Add RTEMS_FATAL_SOURCE_INVALID_HEAP_FREE An invalid heap usage such as a double free is usually a fatal error since this indicates a use after free. Replace the use of printk() in free() with a fatal error. Update #3437. --- cpukit/include/rtems/score/interr.h | 7 +++++++ cpukit/libcsupport/src/free.c | 7 +------ cpukit/sapi/src/fatalsrctext.c | 3 ++- 3 files changed, 10 insertions(+), 7 deletions(-) (limited to 'cpukit') diff --git a/cpukit/include/rtems/score/interr.h b/cpukit/include/rtems/score/interr.h index 3144952716..f09072d5fb 100644 --- a/cpukit/include/rtems/score/interr.h +++ b/cpukit/include/rtems/score/interr.h @@ -130,6 +130,13 @@ typedef enum { */ RTEMS_FATAL_SOURCE_PANIC = 11, + /** + * @brief Fatal source for invalid C program heap frees via free(). + * + * The fatal code is the bad pointer. + */ + RTEMS_FATAL_SOURCE_INVALID_HEAP_FREE = 12, + /** * @brief The last available fatal source. * diff --git a/cpukit/libcsupport/src/free.c b/cpukit/libcsupport/src/free.c index 90209580db..d8dd2bdb0e 100644 --- a/cpukit/libcsupport/src/free.c +++ b/cpukit/libcsupport/src/free.c @@ -38,12 +38,7 @@ void free( } if ( !_Protected_heap_Free( RTEMS_Malloc_Heap, ptr ) ) { - printk( "Program heap: free of bad pointer %p -- range %p - %p \n", - ptr, - (void*) RTEMS_Malloc_Heap->area_begin, - (void*) RTEMS_Malloc_Heap->area_end - ); + rtems_fatal( RTEMS_FATAL_SOURCE_INVALID_HEAP_FREE, (rtems_fatal_code) ptr ); } - } #endif diff --git a/cpukit/sapi/src/fatalsrctext.c b/cpukit/sapi/src/fatalsrctext.c index 4b02234910..2331b6c758 100644 --- a/cpukit/sapi/src/fatalsrctext.c +++ b/cpukit/sapi/src/fatalsrctext.c @@ -38,7 +38,8 @@ static const char *const fatal_source_text[] = { "RTEMS_FATAL_SOURCE_STACK_CHECKER", "RTEMS_FATAL_SOURCE_EXCEPTION", "RTEMS_FATAL_SOURCE_SMP", - "RTEMS_FATAL_SOURCE_PANIC" + "RTEMS_FATAL_SOURCE_PANIC", + "RTEMS_FATAL_SOURCE_INVALID_HEAP_FREE" }; const char *rtems_fatal_source_text( rtems_fatal_source source ) -- cgit v1.2.3