FreeCalypso > hg > fc-magnetite
view src/g23m-gprs/cci/cci_hw_sim.c @ 516:1ed9de6c90bd
src/g23m-gsm/sms/sms_for.c: bogus malloc removed
The new error handling code that was not present in TCS211 blob version
contains a malloc call that is bogus for 3 reasons:
1) The memory allocation in question is not needed in the first place;
2) libc malloc is used instead of one of the firmware's proper ways;
3) The memory allocation is made inside a function and then never freed,
i.e., a memory leak.
This bug was caught in gcc-built FreeCalypso fw projects (Citrine
and Selenite) because our gcc environment does not allow any use of
libc malloc (any reference to malloc produces a link failure),
but this code from TCS3.2 is wrong even for Magnetite: if this code
path is executed repeatedly over a long time, the many small allocations
made by this malloc call without a subsequent free will eventually
exhaust the malloc heap provided by the TMS470 environment, malloc will
start returning NULL, and the bogus code will treat it as an error.
Because the memory allocation in question is not needed at all,
the fix entails simply removing it.
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Sun, 22 Jul 2018 06:04:49 +0000 |
parents | 219afcfc6250 |
children |
line wrap: on
line source
/* +----------------------------------------------------------------------------- | Project : | Modul : cci_hw_sim.c +----------------------------------------------------------------------------- | Copyright 2002 Texas Instruments Berlin, AG | All rights reserved. | | This file is confidential and a trade secret of Texas | Instruments Berlin, AG | The receipt of or possession of this file does not convey | any rights to reproduce or disclose its contents or to | manufacture, use, or sell anything it may describe, in | whole, or in part, without the specific written consent of | Texas Instruments Berlin, AG. +----------------------------------------------------------------------------- | Purpose : This module implements hardware simulation functions for | entity CCI. +----------------------------------------------------------------------------- */ #define CCI_HW_SIM_C #define ENTITY_LLC /*==== INCLUDES =============================================================*/ #include <string.h> /* to get memmove */ #include "typedefs.h" /* to get Condat data types */ #include "vsi.h" /* to get a lot of macros */ #include "macdef.h" #include "gprs.h" #include "gsm.h" /* to get a lot of macros */ #include "cnf_llc.h" /* to get cnf-definitions */ #include "mon_llc.h" /* to get mon-definitions */ #include "prim.h" /* to get the definitions of used SAP and directions */ #include "cci.h" /* to get the global entity definitions */ #include "llc.h" /* to get the global entity definitions */ #include "cci_hw_sim.h" #include "llc_f.h" /* to get llc_build_crc24() */ /*==== CONST ================================================================*/ /*==== LOCAL VARS ===========================================================*/ /*==== PRIVATE FUNCTIONS ====================================================*/ /*==== PUBLIC FUNCTIONS =====================================================*/ #ifdef _GEA_SIMULATION_ /* +------------------------------------------------------------------------------ | Function : ciph_hw_sim_cipher +------------------------------------------------------------------------------ | Description : This functionn simulates the hardware during ciphering process | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_hw_sim_cipher (U16 len) { /* * first move data one byte, if requested */ if( *cci_data->fbs.conf_ul_reg1 & INPUT_SHIFT ) { memmove (cci_data->fbs.simulated_reg_buffer, /* dest */ cci_data->fbs.simulated_reg_buffer+1, /* src */ len); } { #ifdef _SIM_CALC_FCS_ ULONG fcs; /* * Build FCS (function returns already inversed CRC), store result in fcs. */ fcs = llc_build_crc24 (cci_data->fbs.simulated_reg_buffer, len); /* * Copy FCS to HW registers, taking byte ordering of FCS registers * into account, e.g.: * fcs reg1 reg2 * xx 36 29 FC -> 29 FC xx 36 */ *cci_data->fbs.fcs_ul_reg1 = (USHORT) (fcs & 0x0000FFFFL); *cci_data->fbs.fcs_ul_reg2 = (USHORT)((fcs & 0x00FF0000L) >> 16); #else /* * Set FCS to all zeroes in simulation. */ *cci_data->fbs.fcs_ul_reg1 = 0x0000; *cci_data->fbs.fcs_ul_reg2 = 0x0000; #endif /* _SIM_CALC_FCS_ */ } /* * HW simulation: set status register to indicate finished work and emulate * timer afterwards. */ *cci_data->fbs.status_reg &= NOT_WORKING; } /* ciph_hw_sim_cipher */ /* +------------------------------------------------------------------------------ | Function : ciph_hw_sim_decipher +------------------------------------------------------------------------------ | Description : This functionn simulates the hardware during deciphering process | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_hw_sim_decipher ( void ) { /* * set all registers to indicate finished work. * FCS will be checked later. */ *cci_data->fbs.fcs_dl_reg1 &= 0x0000; *cci_data->fbs.fcs_dl_reg2 &= 0x0000; *cci_data->fbs.status_reg &= NOT_WORKING; } /* ciph_hw_sim_decipher */ /* +------------------------------------------------------------------------------ | Function : ciph_reg16_write_sim +------------------------------------------------------------------------------ | Description : This function simulates the hardware writing process on windows | environment | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_reg16_write_sim ( void ) { UBYTE *data = (UBYTE *)cci_data->fbs.data16_reg;; /* * To support any alignment the copy process must be done in two steps * by the use of 8 bit char pointers */ *cci_data->fbs.simulated_reg = *data; cci_data->fbs.simulated_reg++; data++; *cci_data->fbs.simulated_reg = *data; cci_data->fbs.simulated_reg++; } /* ciph_reg16_write_sim */ /* +------------------------------------------------------------------------------ | Function : ciph_reg8_write_sim +------------------------------------------------------------------------------ | Description : This function simulates the 8 bit hardware writing process | by the use of 8 bit register. | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_reg8_write_sim ( void ) { *cci_data->fbs.simulated_reg = *cci_data->fbs.data8_reg; cci_data->fbs.simulated_reg++; } /* ciph_reg8_write_sim() */ /* +------------------------------------------------------------------------------ | Function : ciph_reg16_read_sim +------------------------------------------------------------------------------ | Description : This function simulates the 16 bit hardware reading process | by the use of a 16 bit register | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_reg16_read_sim ( void ) { UBYTE *data = (UBYTE *)cci_data->fbs.data16_reg; /* * To support any alignment the copy process must be done in two steps * by the use of 8 bit char pointers */ *data = *cci_data->fbs.simulated_reg; cci_data->fbs.simulated_reg++; data++; *data = *cci_data->fbs.simulated_reg; cci_data->fbs.simulated_reg++; } /* ciph_reg16_read_sim*/ /* +------------------------------------------------------------------------------ | Function : ciph_reg8_read_sim +------------------------------------------------------------------------------ | Description : This function simulates the 8 bit hardware reading process | by the use of 8 bit register. | | Parameters : void | +------------------------------------------------------------------------------ */ GLOBAL void ciph_reg8_read_sim ( void ) { *cci_data->fbs.data8_reg = *cci_data->fbs.simulated_reg; cci_data->fbs.simulated_reg++; } /* ciph_reg8_read_sim*/ #endif /* _GEA_SIMULATION */