SymbiSoft / mosync

Automatically exported from code.google.com/p/mosync

MAStd: realloc fails on passing NULL pointer in debug mode #1143

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
#include <ma.h>

int MAMain() {
    // realloc with a NULL old pointer must behave like malloc(512)
    void *pMem = realloc(NULL, 512);

    free(pMem);
    return 0;
}

What is the expected output? What do you see instead?
Expected: Program exits clean.
Seen instead: MoSync Panic 40031, "Data memory access out of bounds". The panic occurred in the MoSync core.

What version of the product are you using? On what operating system?
MoSyncWindows-110902-0012.exe Win XP

Please provide any additional information below.
MAStd/maheap.c:
------------------------------------------------------------
void* realloc(void* old, int size) {
    void* result;
    MASTD_HEAP_LOG("realloc(0x%08X, %i)\n", (int)old, size);

#ifdef MOSYNCDEBUG
    // we'll count it as a free + malloc
    gNumFrees++;
    gUsedMem -= gBlockSizeHook(old);
...
------------------------------------------------------------

gBlockSizeHook per default points to tlsf.c:
------------------------------------------------------------
size_t tlsf_block_size(void *ptr) 
{
/******************************************************************/
    bhdr_t *b = (bhdr_t *) ((char *) ptr - BHDR_OVERHEAD);
    return b->size&BLOCK_SIZE;
}
------------------------------------------------------------

ptr is NULL, so we get a negative, invalid address raising the Data access error.

Solution: 

void* realloc(void* old, int size) {
    void* result;
    MASTD_HEAP_LOG("realloc(0x%08X, %i)\n", (int)old, size);

#ifdef MOSYNCDEBUG
    if (old)
    {
        // we'll count it as a free + malloc
        gNumFrees++;
        gUsedMem -= gBlockSizeHook(old);
        dumpStack(-1, gBlockSizeHook(old), old);
    }
#endif
...

Original issue reported on code.google.com by e...@csp.at on 29 Sep 2011 at 3:51
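The failing access and the guarded fix, as an added C example that is not part of the report or of the MoSync sources: bhdr_t, BLOCK_SIZE, the two counters and the exercise() harness are constructed stand-ins for the tlsf.c and maheap.c symbols quoted above, so the block runs on a normal host without the MoSync runtime.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for TLSF's bhdr_t: the size word sits just before the
 * user pointer and BLOCK_SIZE masks off the low flag bits, as in tlsf.c. */
typedef struct { size_t size; } bhdr_t;
#define BHDR_OVERHEAD sizeof(bhdr_t)
#define BLOCK_SIZE (~(size_t)3)
static size_t g_num_frees; /* stands in for gNumFrees */
static size_t g_used_mem;  /* stands in for gUsedMem  */
/* Mirrors tlsf_block_size(): steps back from the user pointer to its header.
 * With ptr == NULL that reads (char *)0 - BHDR_OVERHEAD, the faulting access. */
static size_t block_size(void *ptr) {
    bhdr_t *b = (bhdr_t *)((char *)ptr - BHDR_OVERHEAD);
    return b->size & BLOCK_SIZE;
}
/* Allocates size bytes behind a header so block_size() has something to read. */
static void *dbg_malloc(size_t size) {
    bhdr_t *b = malloc(BHDR_OVERHEAD + size + 3);
    if (!b) return NULL;
    b->size = (size + 3) & BLOCK_SIZE; /* round up so no flag bits are set */
    g_used_mem += b->size;
    return (char *)b + BHDR_OVERHEAD;
}
/* Fixed realloc after the report's patch: the free + malloc accounting runs
 * only when an old block exists, so realloc(NULL, n) behaves as malloc(n). */
static void *dbg_realloc(void *old, size_t size) {
    size_t old_size = 0;
    if (old) {                      /* the guard the report adds */
        old_size = block_size(old); /* safe: old is non-NULL here */
        g_num_frees++;
        g_used_mem -= old_size;
    }
    void *result = dbg_malloc(size);
    if (result && old) {
        memcpy(result, old, old_size < size ? old_size : size);
        free((char *)old - BHDR_OVERHEAD);
    }
    return result;
}

/* Reporter's scenario on the fixed path: 1 if the counters come out right. */
static int exercise(void) {
    void *p = dbg_realloc(NULL, 512);
    if (!p || g_num_frees != 0 || g_used_mem != 512) return 0;
    void *q = dbg_realloc(p, 1024);
    if (!q || g_num_frees != 1 || g_used_mem != 1024 || block_size(q) != 1024) return 0;
    free((char *)q - BHDR_OVERHEAD);
    return 1;
}
```

Without the `if (old)` guard, the first call in exercise() would reach block_size(NULL), which is the same dereference of a pointer below address zero that the panic reports.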

GoogleCodeExporter commented 8 years ago

Original comment by miles.mi...@mobilesorcery.com on 24 Oct 2011 at 7:46

GoogleCodeExporter commented 8 years ago
Verified in Version 2.7 Pyramid - 111020-1533.

Original comment by miles.mi...@mobilesorcery.com on 24 Oct 2011 at 7:47

GoogleCodeExporter commented 8 years ago
Many thanks for this fix. I'm sorry it's taken so long but we got there with your help.

Original comment by miles.mi...@mobilesorcery.com on 24 Oct 2011 at 10:55