diff options
author | Julius Werner <jwerner@chromium.org> | 2020-04-01 17:52:23 -0700 |
---|---|---|
committer | Julius Werner <jwerner@chromium.org> | 2020-04-03 19:56:27 +0000 |
commit | d61350c403f90ee11c179fece04f68e6c34e1555 (patch) | |
tree | 79b76a790362c9f71fab8eea7d315a9659602b99 | |
parent | adbb224f5aad822b1cc46481f4fc5e2c1fab5b07 (diff) |
libpayload: malloc: Change memcpy() to memmove() in realloc
Our realloc() works (somewhat suboptimally) by free()ing the existing
allocation and then reallocating it wherever it fits. If there was free
space before the old location, this means the new allocation may be
before the old one, and if the free space block is smaller than the old
allocation it may overlap. Thus, we should be moving memmove() instead
of memcpy() to move the block over.
This is not a problem in practice since all our existing memcpy()s are
simple iterate and copy front to back implementations which are safe for
overlaps when the destination is in front of the source. but it's still
the more correct thing to do (in case we ever change our memcpy()s to do
something more advanced or whatever).
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I35f77a94b7a72c01364ee7eecb5c3ff5ecde57f6
Reviewed-on: https://review.coreboot.org/c/coreboot/+/40028
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
-rw-r--r-- | payloads/libpayload/libc/malloc.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/payloads/libpayload/libc/malloc.c b/payloads/libpayload/libc/malloc.c index 1fdb59e9b1..f2a54a70c8 100644 --- a/payloads/libpayload/libc/malloc.c +++ b/payloads/libpayload/libc/malloc.c @@ -310,8 +310,9 @@ void *realloc(void *ptr, size_t size) if (ret == NULL || ret == ptr) return ret; - /* Copy the memory to the new location. */ - memcpy(ret, ptr, osize > size ? size : osize); + /* Move the memory to the new location. Might be before the old location + and overlap since the free() above includes a _consolidate(). */ + memmove(ret, ptr, osize > size ? size : osize); return ret; } |