Google Git
Sign in
pigweed / third_party / github / FreeRTOS / FreeRTOS-Kernel / b32aafe4dc16cb2474e0516019c2356cd01fb1c1^! / .
commitb32aafe4dc16cb2474e0516019c2356cd01fb1c1[log] [tgz]
authorRahul Kar <118818625+kar-rahul-aws@users.noreply.github.com>Thu Oct 19 12:08:22 2023 +0530
committerGitHub <noreply@github.com>Thu Oct 19 12:08:22 2023 +0530
tree287b101dae74a9701771a256ff7df20b8e56a9c6
parent220771565f3e8397409a6bc7520db00e7038efe8 [diff]
Fix size alignment in the integer overflow issue (#839)


diff --git a/portable/Common/mpu_wrappers_v2.c b/portable/Common/mpu_wrappers_v2.c
index fb4bd45..87e849e 100644
--- a/portable/Common/mpu_wrappers_v2.c
+++ b/portable/Common/mpu_wrappers_v2.c

@@ -113,14 +113,14 @@
     #define CONVERT_TO_INTERNAL_INDEX( lIndex )    ( ( lIndex ) - INDEX_OFFSET )
 
 /**
- * @brief Max value that fits in a size_t type.
+ * @brief Max value that fits in a uint32_t type.
  */
-    #define mpuSIZE_MAX    ( ~( ( size_t ) 0 ) )
+    #define mpuUINT32_MAX    ( ~( ( uint32_t ) 0 ) )
 
 /**
  * @brief Check if multiplying a and b will result in overflow.
  */
-    #define mpuMULTIPLY_WILL_OVERFLOW( a, b )    ( ( ( a ) > 0 ) && ( ( b ) > ( mpuSIZE_MAX / ( a ) ) ) )
+    #define mpuMULTIPLY_UINT32_WILL_OVERFLOW( a, b )    ( ( ( a ) > 0 ) && ( ( b ) > ( mpuUINT32_MAX / ( a ) ) ) )
 
 /**
  * @brief Get the index of a free slot in the kernel object pool.
@@ -1048,11 +1048,13 @@
             UBaseType_t uxReturn = 0;
             UBaseType_t xIsTaskStatusArrayWriteable = pdFALSE;
             UBaseType_t xIsTotalRunTimeWriteable = pdFALSE;
+            uint32_t ulArraySize = ( uint32_t ) uxArraySize;
+            uint32_t ulTaskStatusSize = ( uint32_t ) sizeof( TaskStatus_t );
 
-            if( mpuMULTIPLY_WILL_OVERFLOW( sizeof( TaskStatus_t ), uxArraySize ) == 0 )
+            if( mpuMULTIPLY_UINT32_WILL_OVERFLOW( ulTaskStatusSize, ulArraySize ) == 0 )
             {
                 xIsTaskStatusArrayWriteable = xPortIsAuthorizedToAccessBuffer( pxTaskStatusArray,
-                                                                               sizeof( TaskStatus_t ) * uxArraySize,
+                                                                               ulTaskStatusSize * ulArraySize,
                                                                                tskMPU_WRITE_PERMISSION );
 
                 if( pulTotalRunTime != NULL )
@@ -1065,7 +1067,7 @@
                 if( ( xIsTaskStatusArrayWriteable == pdTRUE ) &&
                     ( ( pulTotalRunTime == NULL ) || ( xIsTotalRunTimeWriteable == pdTRUE ) ) )
                 {
-                    uxReturn = uxTaskGetSystemState( pxTaskStatusArray, uxArraySize, pulTotalRunTime );
+                    uxReturn = uxTaskGetSystemState( pxTaskStatusArray, ( UBaseType_t ) ulArraySize, pulTotalRunTime );
                 }
             }