malloc/memalign: Return NULL if the request is too large

It's what this function family is defined to do, we currently don't
usually run into the case (see: not too many die() instances going
around), it's more useful to try to recover, and the JPEG parser can run
into it if the work buffer size exceeds the remaining heap, whereas its
sole user (the bootsplash code) knows what to do when seeing a NULL.

Use xmalloc() if you want an allocation that either works or dies.

tl;dr: That code path isn't usually taken. Right now it crashes. With
this patch it _might_ survive. There is a use-case for doing it like
that now.

Change-Id: I262fbad7daae0ca3aab583fda00665a2592deaa8
Signed-off-by: Patrick Georgi <patrick@coreboot.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/80226
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin L Roth <gaumless@gmail.com>
Reviewed-by: Eric Lai <ericllai@google.com>

1 files changed, 4 insertions, 1 deletions

diff --git a/src/lib/malloc.c b/src/lib/malloc.c
index 052a53e568..30298064d9 100644
--- a/src/lib/malloc.c
+++ b/src/lib/malloc.c
@@ -44,7 +44,10 @@ void *memalign(size_t boundary, size_t size)
 				p, free_mem_ptr);
 		printk(BIOS_ERR, "but free_mem_end_ptr is %p\n",
 				free_mem_end_ptr);
-		die("Error! %s: Out of memory (free_mem_ptr >= free_mem_end_ptr)", __func__);
+		printk(BIOS_ERR, "Error! %s: Out of memory "
+				"(free_mem_ptr >= free_mem_end_ptr)",
+				__func__);
+		return NULL;
 	}
 
 	MALLOCDBG("%s %p\n", __func__, p);