From 3a6d3153a49970939f86fb3e09647723d9e226e7 Mon Sep 17 00:00:00 2001
From: Philipp Oppermann <dev@phil-opp.com>
Date: Tue, 4 Feb 2020 09:47:39 +0100
Subject: [PATCH] Don't panic on overflow in allocator; return null pointer
 instead (#738)

---
 src/allocator/bump.rs        | 5 ++++-
 src/allocator/linked_list.rs | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/allocator/bump.rs b/src/allocator/bump.rs
index 7d104eff..37031254 100644
--- a/src/allocator/bump.rs
+++ b/src/allocator/bump.rs
@@ -36,7 +36,10 @@ unsafe impl GlobalAlloc for Locked<BumpAllocator> {
         let mut bump = self.lock(); // get a mutable reference
 
         let alloc_start = align_up(bump.next, layout.align());
-        let alloc_end = alloc_start.checked_add(layout.size()).expect("overflow");
+        let alloc_end = match alloc_start.checked_add(layout.size()) {
+            Some(end) => end,
+            None => return ptr::null_mut(),
+        };
 
         if alloc_end > bump.heap_end {
             ptr::null_mut() // out of memory
diff --git a/src/allocator/linked_list.rs b/src/allocator/linked_list.rs
index a03b6f34..c2d1958d 100644
--- a/src/allocator/linked_list.rs
+++ b/src/allocator/linked_list.rs
@@ -86,7 +86,7 @@ impl LinkedListAllocator {
     /// Returns the allocation start address on success.
     fn alloc_from_region(region: &ListNode, size: usize, align: usize) -> Result<usize, ()> {
         let alloc_start = align_up(region.start_addr(), align);
-        let alloc_end = alloc_start.checked_add(size).expect("overflow");
+        let alloc_end = alloc_start.checked_add(size).ok_or(())?;
 
         if alloc_end > region.end_addr() {
             // region too small