[En-Nut-Discussion] Should free test DEADBEEF by default?
Moritz Struebe
morty at gmx.net
Tue Apr 22 16:40:01 CEST 2008
Ole Reinhardt schrieb:
> Hi,
>
>
>>
>> Is there a good reason to check or not to check the DEADBEEF when freeing mem. After
>> all it's likely that (1) the boundaries were not obeyed or (2) a wrong
>> pointer got freed. Shouldn't free just return -1 in this case?
>>
>
> Normal libc implementation of free defines free as a void function.
>
I know, but NutHeapFree already returns -1 on double free.
> On the other hand: If you did not obey the boundaries of your allocated
> memory everything else will likely fail long before the memory gets freed
> again.
>
> Without a mmu you do not have many possibilities to detect buffer
> overflows.
>
This is what I'm musing about. Once you went past the DEADBEEF you can
assume that your managed memory is broken and cannot be recovered.
Therefore the most reasonable thing to do is probably to halt or reset
the system. *brainstorming* Maybe adding some fatal error function is
reasonable. This would allow something between the DEBUG overhead and no
detection at all. I was also thinking of checking the stack when
dispatching a thread. Of course this is probably too late, too, but at
least it's detected at all.
Cheers
Morty
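The three outcomes discussed in this thread (a free that returns -1 on a bad or already-freed pointer, a trailing DEADBEEF guard word that reveals an overrun, and an optional fatal-error hook for the unrecoverable case) can be shown together in a small allocator. The code below is an added example written for this archive page; it is not Nut/OS's NutHeapAlloc/NutHeapFree code, and every name in it (heap_alloc, heap_free, heap_set_fatal_hook, the block_hdr layout, the static arena) is an assumption made for illustration. It uses a bump allocator over a static arena with no block reuse, which is enough to show the checks without a free list.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed, simplified heap: a static arena handed out bump-pointer style.
 * Real allocators keep a free list; that is left out to keep the checks visible. */
#define ARENA_SIZE 4096
#define GUARD_WORD 0xDEADBEEFu      /* trailing guard written after every block */
#define HDR_MAGIC  0x4E555430u      /* header marker, identifies a pointer we issued */

enum heap_error { HEAP_OK = 0, HEAP_BAD_POINTER, HEAP_DOUBLE_FREE, HEAP_OVERRUN };

typedef struct {
    uint32_t magic;   /* HDR_MAGIC while the header is intact */
    uint32_t size;    /* user-visible size in bytes */
    uint32_t in_use;  /* 1 between alloc and free, 0 afterwards */
} block_hdr;

static unsigned char arena[ARENA_SIZE];
static size_t arena_top = 0;
static enum heap_error last_error = HEAP_OK;
static void (*fatal_hook)(enum heap_error) = NULL;  /* the "fatal error function" idea */

void heap_set_fatal_hook(void (*hook)(enum heap_error)) { fatal_hook = hook; }
enum heap_error heap_last_error(void) { return last_error; }
void heap_reset(void) { arena_top = 0; last_error = HEAP_OK; }

/* The guard sits right after the user bytes and may be unaligned, so copy it. */
static uint32_t read_guard(const unsigned char *p) { uint32_t g; memcpy(&g, p, sizeof g); return g; }
static void write_guard(unsigned char *p) { uint32_t g = GUARD_WORD; memcpy(p, &g, sizeof g); }

void *heap_alloc(size_t size) {
    size_t need = sizeof(block_hdr) + size + sizeof(uint32_t);
    need = (need + 3u) & ~(size_t)3u;              /* keep headers 4-byte aligned */
    if (arena_top + need > ARENA_SIZE) return NULL;
    block_hdr *h = (block_hdr *)(arena + arena_top);
    h->magic = HDR_MAGIC;
    h->size = (uint32_t)size;
    h->in_use = 1;
    unsigned char *user = (unsigned char *)(h + 1);
    write_guard(user + size);                      /* DEADBEEF directly behind the block */
    arena_top += need;
    return user;
}

/* Returns 0 on success, -1 on any detected problem; heap_last_error() says which.
 * An overrun means the heap metadata can no longer be trusted, so the fatal hook
 * (if one is installed) is called before returning, as the thread suggests. */
int heap_free(void *ptr) {
    if (ptr == NULL) return 0;                     /* free(NULL) is a no-op, as in libc */
    uintptr_t base = (uintptr_t)arena, u = (uintptr_t)ptr;
    if (u < base + sizeof(block_hdr) || u >= base + arena_top) {
        last_error = HEAP_BAD_POINTER;             /* never handed out by this heap */
        return -1;
    }
    unsigned char *user = (unsigned char *)ptr;
    block_hdr *h = (block_hdr *)user - 1;
    if (h->magic != HDR_MAGIC) { last_error = HEAP_BAD_POINTER; return -1; }
    if (!h->in_use)            { last_error = HEAP_DOUBLE_FREE; return -1; }
    if (read_guard(user + h->size) != GUARD_WORD) {
        last_error = HEAP_OVERRUN;                 /* caller wrote past its block */
        if (fatal_hook) fatal_hook(HEAP_OVERRUN);
        return -1;
    }
    h->in_use = 0;
    return 0;
}

/* Demo helpers: allocate `size` bytes, write `bytes_written` bytes into the block,
 * then free it. bytes_written > size clobbers the guard word. */
int demo_free_after_write(size_t size, size_t bytes_written) {
    heap_reset();
    unsigned char *p = heap_alloc(size);
    if (!p) return -2;
    memset(p, 0x41, bytes_written);
    return heap_free(p);
}

int demo_double_free(void) {
    heap_reset();
    void *p = heap_alloc(16);
    if (heap_free(p) != 0) return -2;
    return heap_free(p);
}

static int fatal_calls = 0;
static void count_fatal(enum heap_error e) { (void)e; fatal_calls++; }
int demo_fatal_calls(void) { return fatal_calls; }

int main(void) {
    heap_set_fatal_hook(count_fatal);
    printf("in-bounds free: %d\n", demo_free_after_write(16, 16));
    printf("overrun free:   %d (error %d, fatal hook calls %d)\n",
           demo_free_after_write(16, 20), heap_last_error(), demo_fatal_calls());
    printf("double free:    %d (error %d)\n", demo_double_free(), heap_last_error());
    return 0;
}
```

The hook is deliberately only fired for the overrun case: a double free or a foreign pointer can be reported with -1 and ignored by the caller, whereas a clobbered guard word means the block layout after it is suspect, which is the point at which the thread proposes halting or resetting rather than carrying on.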