#650 closed defect (fixed)

message initialize buffer size wrap not detected

Reported by: Joel Sherrill Owned by: Joel Sherrill
Priority: normal Milestone: 2
Component: score Version: 4.6
Severity: major Keywords:
Cc: bugs@… Blocked By:
Blocking:

Description

When the message size is large enough to be close to wrapping, adding the overhead to it can result in undetected wrapping. Similarly, if the number of messages multiplied by the size of each message buffer wraps, this is also undetected. Either condition results in an insufficiently small message buffer pool which may lead to an invalid memory access.

Release:
4.6 and CVS

Environment:
All

Attachments (1)

pr650.diff (1.6 KB) - added by Joel Sherrill on Dec 3, 2006 at 1:31:13 PM.
pr650.diff

Download all attachments as: .zip

Change History (2)

comment:1 Changed on Jul 14, 2004 at 8:06:14 PM by Joel Sherrill

Status: assignedclosed

State-Changed-From-To: open->closed
State-Changed-Why: Attached patch was committed.

2004-07-14 Joel Sherrill <joel@…>

PR 650/rtems

  • score/src/coremsg.c: Check for mathemathical overflow

when calculating amount of memory to allocate for message
buffers.

Changed on Dec 3, 2006 at 1:31:13 PM by Joel Sherrill

Attachment: pr650.diff added

pr650.diff

Note: See TracTickets for help on using tickets.