Hello,
In src/ioman.c, ioman_releaseSector calls ioman_getBp and stores the return value in euint16 bp (an unsigned value). This is an error, as ioman_getBp may return -1. The code currently reads:
    euint16 bp;
    bp=ioman_getBp(ioman,buf);
    ioman_decUseCnt(ioman,bp);
    if(ioman_getUseCnt(ioman,bp)==0 && ioman->itptr[bp]!=0){
        ...
    }
The unchecked use of bp in ioman->itptr[bp] will lead to memory violations. Instead, this should be changed to something like:
    esint16 bp;
    bp=ioman_getBp(ioman,buf);
    ioman_decUseCnt(ioman,bp);
    if(ioman_getUseCnt(ioman,bp)==0 && bp >= 0){
        if(ioman->itptr[bp]!=0){
            ...
        }
    }
This bug is present in stable version 0.2.8 and in the development version 0.3.5. This caused segfaults on an LPC2148 I am developing. Thank you.
Carrick
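
The signed-to-unsigned conversion described in the post above, as an added example that is not part of the original post or the project's code. The struct, sizes, and function names are hypothetical models, and the typedef widths are assumed from the type names on the page.

```c
#include <stdint.h>
#include <stdio.h>
typedef uint16_t euint16;            /* assumed widths for the page's type names */
typedef int16_t  esint16;
typedef uint8_t  euint8;
#define NUMBUF  4                    /* constructed sizes */
#define SECSIZE 512

struct mgr {                         /* hypothetical model, not the project's struct */
    euint8 *bufptr;                  /* NUMBUF contiguous sector buffers */
    euint8  usecnt[NUMBUF];
    euint8  itptr[NUMBUF];
};

/* Model lookup: slot index of buf, or -1 when buf is not a managed buffer. */
static esint16 get_bp(const struct mgr *m, const euint8 *buf)
{
    uintptr_t base = (uintptr_t)m->bufptr, p = (uintptr_t)buf;
    if (p < base || p >= base + (uintptr_t)NUMBUF * SECSIZE)
        return -1;
    return (esint16)((p - base) / SECSIZE);
}

/* Index the reported code ends up with: -1 stored in euint16 becomes 65535. */
static euint16 index_as_unsigned(const struct mgr *m, const euint8 *buf)
{
    return (euint16)get_bp(m, buf);
}

/* Checked release: keep the signed type and reject the sentinel and any
   out-of-range slot before an array is touched. Returns 0, or -1 if rejected. */
static int release_checked(struct mgr *m, const euint8 *buf)
{
    esint16 bp = get_bp(m, buf);
    if (bp < 0 || bp >= NUMBUF)
        return -1;
    if (m->usecnt[bp] > 0)
        m->usecnt[bp]--;
    if (m->usecnt[bp] == 0 && m->itptr[bp] != 0)
        m->itptr[bp] = 0;            /* model only; the real body is elided on the page */
    return 0;
}

int main(void)
{
    static euint8 pool[NUMBUF * SECSIZE], stray[SECSIZE]; /* stray: constructed, unmanaged */
    struct mgr m = { pool, {1, 0, 0, 0}, {1, 0, 0, 0} };
    printf("stray index as euint16: %u, checked release: %d\n",
           (unsigned)index_as_unsigned(&m, stray), release_checked(&m, stray));
    return 0;
}
```

In this model the range check runs before any array access, so a lookup failure never reaches usecnt or itptr.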