From: Gene Cumm <gene.cumm@gmail.com>
Date: Sat, 3 Aug 2013 19:59:26 +0000 (-0400)
Subject: core: mbox/semaphore NULL checks
X-Git-Tag: syslinux-6.03~86^2~26
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=dc3059be195f0b1c878273f648dcaf1b45c5a860;p=platform%2Fupstream%2Fsyslinux.git

core: mbox/semaphore NULL checks

Also set mbox invalid and mbox pointer NULL when free()d

Signed-off-by: Gene Cumm <gene.cumm@gmail.com>
---

diff --git a/core/include/mbox.h b/core/include/mbox.h
index 3c35ce4..6fec267 100644
--- a/core/include/mbox.h
+++ b/core/include/mbox.h
@@ -45,7 +45,8 @@ mstime_t mbox_fetch(struct mailbox *mbox, void **msg, mstime_t timeout);
  */
 static inline void mbox_set_invalid(struct mailbox *mbox)
 {
-    sem_set_invalid(&mbox->prod_sem);
+    if (!!mbox)
+	sem_set_invalid(&mbox->prod_sem);
 }
 
 /*
@@ -53,7 +54,7 @@ static inline void mbox_set_invalid(struct mailbox *mbox)
  */
 static inline bool mbox_is_valid(struct mailbox *mbox)
 {
-    return sem_is_valid(&mbox->prod_sem);
+    return ((!!mbox) && sem_is_valid(&mbox->prod_sem));
 }
 
 #endif /* _MBOX_H */
diff --git a/core/include/thread.h b/core/include/thread.h
index 6bfdfaa..8ec4a26 100644
--- a/core/include/thread.h
+++ b/core/include/thread.h
@@ -93,7 +93,8 @@ void sem_init(struct semaphore *, int);
  */
 static inline void sem_set_invalid(struct semaphore *sem)
 {
-    sem->list.next = NULL;
+    if (!!sem)
+	sem->list.next = NULL;
 }
 
 /*
@@ -101,7 +102,7 @@ static inline void sem_set_invalid(struct semaphore *sem)
  */
 static inline bool sem_is_valid(struct semaphore *sem)
 {
-    return !!sem->list.next;
+    return ((!!sem) && (!!sem->list.next));
 }
 
 struct thread *start_thread(const char *name, size_t stack_size, int prio,
diff --git a/core/lwip/src/arch/sys_arch.c b/core/lwip/src/arch/sys_arch.c
index 894f6ad..2597bd4 100644
--- a/core/lwip/src/arch/sys_arch.c
+++ b/core/lwip/src/arch/sys_arch.c
@@ -71,8 +71,11 @@ err_t sys_mbox_new(sys_mbox_t *mbox, int size)
 
 void sys_mbox_free(sys_mbox_t *mbox)
 {
-    if (!!mbox && !!*mbox)
+    if (!!mbox && !!*mbox) {
+	sys_mbox_set_invalid(mbox);
 	free(*mbox);
+	*mbox = NULL;
+    }
 }
 
 void sys_mbox_post(sys_mbox_t *mbox, void *msg)
diff --git a/core/thread/mbox.c b/core/thread/mbox.c
index c518eeb..6ad576b 100644
--- a/core/thread/mbox.c
+++ b/core/thread/mbox.c
@@ -10,18 +10,22 @@
 
 void mbox_init(struct mailbox *mbox, size_t size)
 {
-    sem_init(&mbox->prod_sem, size); /* All slots empty */
-    sem_init(&mbox->cons_sem, 0);    /* No slots full */
-    sem_init(&mbox->head_sem, 1);    /* Head mutex */
-    sem_init(&mbox->tail_sem, 1);    /* Tail mutex */
-
-    mbox->wrap = &mbox->data[size];
-    mbox->head = &mbox->data[0];
-    mbox->tail = &mbox->data[0];
+    if (!!mbox) {
+	sem_init(&mbox->prod_sem, size); /* All slots empty */
+	sem_init(&mbox->cons_sem, 0);    /* No slots full */
+	sem_init(&mbox->head_sem, 1);    /* Head mutex */
+	sem_init(&mbox->tail_sem, 1);    /* Tail mutex */
+
+	mbox->wrap = &mbox->data[size];
+	mbox->head = &mbox->data[0];
+	mbox->tail = &mbox->data[0];
+    }
 };
 
 int mbox_post(struct mailbox *mbox, void *msg, mstime_t timeout)
 {
+    if (!mbox)
+	return ENOMEM;
     if (sem_down(&mbox->prod_sem, timeout) == (mstime_t)-1)
 	return ENOMEM;
     sem_down(&mbox->head_sem, 0);
@@ -40,6 +44,8 @@ mstime_t mbox_fetch(struct mailbox *mbox, void **msg, mstime_t timeout)
 {
     mstime_t t;
 
+    if (!mbox)
+	return -1;
     t = sem_down(&mbox->cons_sem, timeout);
     if (t == (mstime_t)-1)
 	return -1;
diff --git a/core/thread/semaphore.c b/core/thread/semaphore.c
index 6a2e4c1..abd4f41 100644
--- a/core/thread/semaphore.c
+++ b/core/thread/semaphore.c
@@ -3,8 +3,10 @@
 
 void sem_init(struct semaphore *sem, int count)
 {
-    sem->list.next = sem->list.prev = &sem->list;
-    sem->count = count;
+    if (!!sem) {
+	sem->list.next = sem->list.prev = &sem->list;
+	sem->count = count;
+    }
 }
 
 mstime_t __sem_down_slow(struct semaphore *sem, mstime_t timeout)
@@ -14,7 +16,9 @@ mstime_t __sem_down_slow(struct semaphore *sem, mstime_t timeout)
 
     irq = irq_save();
 
-    if (sem->count >= 0) {
+    if (!sem) {
+	rv = -1;
+    } else if (sem->count >= 0) {
 	/* Something already freed the semaphore on us */
 	rv = 0;
     } else if (timeout == -1) {
@@ -64,17 +68,19 @@ void __sem_up_slow(struct semaphore *sem)
      * we don't have to do anything, since the bailout clause in
      * __sem_down_slow will take care of it.
      */
-    l = sem->list.next;
-    if (l != &sem->list) {
-	struct thread_block *block;
-	block = container_of(l, struct thread_block, list);
+    if (!!sem) {
+	l = sem->list.next;
+	if (l != &sem->list) {
+	    struct thread_block *block;
+	    block = container_of(l, struct thread_block, list);
 
-	sem->list.next = block->list.next;
-	block->list.next->prev = &sem->list;
+	    sem->list.next = block->list.next;
+	    block->list.next->prev = &sem->list;
 
-	block->thread->blocked = NULL;
+	    block->thread->blocked = NULL;
 
-	__schedule();
+	    __schedule();
+	}
     }
 
     irq_restore(irq);