[U-Boot] [PATCH] dlmalloc: calloc: fix zeroing early allocations

[U-Boot] [PATCH] dlmalloc: calloc: fix zeroing early allocations

[Simon Goldschmidt]

When full malloc is enabled and SYS_MALLOC_F is also enabled, the simple
pre-reloc heap is used before relocation. In this case, calloc() uses
the MALLOC_ZERO macro to zero out the allocated memory. However, since
this macro is specially crafted for the dlmalloc implementation, it
does not always work for simple malloc.

For example, when allocating 16 bytes via simple malloc, only the first
12 bytes get zeroed out. The last 4 bytes will remain untouched.

This is a problem for DM drivers that are allocated before relocation:
memory allocated via 'platdata_auto_alloc_size' might not be set to
zero, resulting in bogus behaviour.

To fix this, use 'memset' instead of 'MALLOC_ZERO' to zero out memory
that compes from simple malloc.

Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
---

 common/dlmalloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/dlmalloc.c b/common/dlmalloc.c
index 6f12a18d54..dade68faf7 100644
--- a/common/dlmalloc.c
+++ b/common/dlmalloc.c
@@ -2086,7 +2086,7 @@ Void_t* cALLOc(n, elem_size) size_t n; size_t elem_size;
   {
 #if CONFIG_VAL(SYS_MALLOC_F_LEN)
 	if (!(gd->flags & GD_FLG_FULL_MALLOC_INIT)) {
-		MALLOC_ZERO(mem, sz);
+		memset(mem, 0, sz);
 		return mem;
 	}
 #endif
-- 
2.20.1

[U-Boot] [PATCH] dlmalloc: calloc: fix zeroing early allocations

[Tom Rini]

On Fri, Oct 25, 2019 at 09:23:35PM +0200, Simon Goldschmidt wrote:

> When full malloc is enabled and SYS_MALLOC_F is also enabled, the simple
> pre-reloc heap is used before relocation. In this case, calloc() uses
> the MALLOC_ZERO macro to zero out the allocated memory. However, since
> this macro is specially crafted for the dlmalloc implementation, it
> does not always work for simple malloc.
> 
> For example, when allocating 16 bytes via simple malloc, only the first
> 12 bytes get zeroed out. The last 4 bytes will remain untouched.
> 
> This is a problem for DM drivers that are allocated before relocation:
> memory allocated via 'platdata_auto_alloc_size' might not be set to
> zero, resulting in bogus behaviour.
> 
> To fix this, use 'memset' instead of 'MALLOC_ZERO' to zero out memory
> that compes from simple malloc.
> 
> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>

Reviewed-by: Tom Rini <trini@konsulko.com>

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20191030/e42f9052/attachment.sig>

[U-Boot] [PATCH] dlmalloc: calloc: fix zeroing early allocations

[Tom Rini]

On Fri, Oct 25, 2019 at 09:23:35PM +0200, Simon Goldschmidt wrote:

> When full malloc is enabled and SYS_MALLOC_F is also enabled, the simple
> pre-reloc heap is used before relocation. In this case, calloc() uses
> the MALLOC_ZERO macro to zero out the allocated memory. However, since
> this macro is specially crafted for the dlmalloc implementation, it
> does not always work for simple malloc.
> 
> For example, when allocating 16 bytes via simple malloc, only the first
> 12 bytes get zeroed out. The last 4 bytes will remain untouched.
> 
> This is a problem for DM drivers that are allocated before relocation:
> memory allocated via 'platdata_auto_alloc_size' might not be set to
> zero, resulting in bogus behaviour.
> 
> To fix this, use 'memset' instead of 'MALLOC_ZERO' to zero out memory
> that compes from simple malloc.
> 
> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
> Reviewed-by: Tom Rini <trini@konsulko.com>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20191108/75a20b2d/attachment.sig>