mm/mempool: fix crash about mempool_multiple_realloc

kasan_report (addr=0xf3c68618, size=1, is_write=false) at
kasan/kasan.c:106
0x56585fbf in __asan_loadN_noabort (addr=0xf3c68618, size=1) at
kasan/kasan.c:300
0x565860ac in __asan_load1_noabort (addr=0xf3c68618) at
kasan/kasan.c:354
0x565843af in memcpy (dest=0xf3de9d6c, src=0xf3c685cc, n=3) at
string/lib_memcpy.c:44
0x56587ae8 in mempool_multiple_realloc (mpool=0xf3c670fc,
oldblk=0xf3c685cc, size=416) at mempool/mempool_multiple.c:218
0x5658707a in mm_realloc (heap=0xf3c67000, oldmem=0xf3c685cc,
size=416) at mm_heap/mm_realloc.c:98
0x5658524e in realloc (oldmem=0xf3c685cc, size=416) at
umm_heap/umm_realloc.c:97

Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
This commit is contained in:
dongjiuzhu1 2022-10-31 21:11:26 +08:00 committed by Xiang Xiao
parent e5394be881
commit f5ee767c46

View file

@ -214,7 +214,7 @@ FAR void *mempool_multiple_realloc(FAR struct mempool_multiple_s *mpool,
oldpool = *(FAR struct mempool_s **)
((FAR char *)oldblk - SIZEOF_HEAD);
memcpy(blk, oldblk, MIN(oldpool->blocksize, size));
memcpy(blk, oldblk, MIN(oldpool->blocksize - SIZEOF_HEAD, size));
mempool_multiple_free(mpool, oldblk);
}