michaelkuc6/blog_os
1
0
Fork 0
mirror of https://github.com/phil-opp/blog_os.git synced 2025-12-16 14:27:49 +00:00
Code Issues Projects Releases Wiki Activity

Fixes #220: BumpAllocator overflow

Browse Source 
I also fixed a spelling error and replaced a tab with a space
in the blog post where `allocate()` was created.
This commit is contained in:
Calvin Lee
2016-09-22 12:25:59 -06:00
parent 379ca660ae
commit 54e02fd6b5
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
blog/post/08-kernel-heap.md
View File

@@ -86,8 +86,8 @@ impl BumpAllocator {
/// Allocates a block of memory with the given size and alignment.
fn allocate(&mut self, size: usize, align: usize) -> Option<*mut u8> {
let alloc_start = align_up(self.next, align);
let alloc_end = alloc_start + size;
let alloc_start = align_up(self.next, align);
let alloc_end = alloc_start.saturating_add(size);
if alloc_end <= self.heap_start + self.heap_size {
self.next = alloc_end;
@@ -99,7 +99,7 @@ impl BumpAllocator {
}
```
The `heap_start` and `heap_size` fields just contain the start address and size of our kernel heap. The `next` field contains the next free address and is increased after every allocation. To `allocate` a memory block we align the `next` address using the `align_up` function (decribed below). Then we add up the desired `size` and make sure that we don't exceed the end of the heap. If everything goes well, we update the `next` address and return a pointer to the start address of the allocation. Else, we return `None`.
The `heap_start` and `heap_size` fields just contain the start address and size of our kernel heap. The `next` field contains the next free address and is increased after every allocation. To `allocate` a memory block we align the `next` address using the `align_up` function (described below). Then we add up the desired `size` and make sure that we don't exceed the end of the heap. We use a saturating add so that the calling code cannot overflow `heap_start`, which would cause undefined behaviour. If everything goes well, we update the `next` address and return a pointer to the start address of the allocation. Else, we return `None`.
Note that we need to add a feature flag at the beginning of the file, because we've marked the `new` function as `const`. [Const functions] are unstable, so we need to add the `#![feature(const_fn)]` flag.

2
libs/bump_allocator/src/lib.rs
View File

@@ -35,7 +35,7 @@ impl BumpAllocator {
/// Allocates a block of memory with the given size and alignment.
fn allocate(&mut self, size: usize, align: usize) -> Option<*mut u8> {
let alloc_start = align_up(self.next, align);
let alloc_end = alloc_start + size;
let alloc_end = alloc_start.saturating_add(size);
if alloc_end <= self.heap_start + self.heap_size {
self.next = alloc_end;