#650 closed defect (fixed)

message initialize buffer size wrap not detected

Reported by: Joel Sherrill Owned by: Joel Sherrill
Priority: normal Milestone: 2
Component: score Version: 4.6
Severity: major Keywords:
Cc: bugs@… Blocked By:


When the message size is large enough to be close to wrapping, adding the overhead to it can result in undetected wrapping. Similarly, if the number of messages multiplied by the size of each message buffer wraps, this is also undetected. Either condition results in an insufficiently small message buffer pool which may lead to an invalid memory access.

4.6 and CVS


Attachments (1)

pr650.diff (1.6 KB) - added by Joel Sherrill on Dec 3, 2006 at 1:31:13 PM.

Download all attachments as: .zip

Change History (2)

comment:1 Changed on Jul 14, 2004 at 8:06:14 PM by Joel Sherrill

Status: assignedclosed

State-Changed-From-To: open->closed
State-Changed-Why: Attached patch was committed.

2004-07-14 Joel Sherrill <joel@…>

PR 650/rtems

  • score/src/coremsg.c: Check for mathemathical overflow

when calculating amount of memory to allocate for message

Changed on Dec 3, 2006 at 1:31:13 PM by Joel Sherrill

Attachment: pr650.diff added


Note: See TracTickets for help on using tickets.