From f8d30bb95f35ed2af67f458e0a55ece1130b7180 Mon Sep 17 00:00:00 2001 From: Alexey Lapshin Date: Thu, 6 Jun 2024 15:18:04 +0700 Subject: [PATCH 1/4] fix(heap): fix warnings found by GNU static analyzer --- components/heap/heap_caps_init.c | 1 + 1 file changed, 1 insertion(+) diff --git a/components/heap/heap_caps_init.c b/components/heap/heap_caps_init.c index 2a513f4619..9cf824802a 100644 --- a/components/heap/heap_caps_init.c +++ b/components/heap/heap_caps_init.c @@ -93,6 +93,7 @@ void heap_caps_init(void) const soc_memory_type_desc_t *type = &soc_memory_types[region->type]; heap_t *heap = &temp_heaps[heap_idx]; if (region->type == -1) { + memset(heap, 0, sizeof(*heap)); continue; } heap_idx++; From b10938e44b44c7c4e6a0c56a57aae80b528a31cb Mon Sep 17 00:00:00 2001 From: Alexey Lapshin Date: Thu, 6 Jun 2024 15:18:52 +0700 Subject: [PATCH 2/4] fix(vfs): fix warnings found by GNU static analyzer --- components/vfs/vfs_eventfd.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/components/vfs/vfs_eventfd.c b/components/vfs/vfs_eventfd.c index a9a979cf9c..a8ae79d1b9 100644 --- a/components/vfs/vfs_eventfd.c +++ b/components/vfs/vfs_eventfd.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -107,12 +107,16 @@ static esp_err_t event_start_select(int nfds, for (int i = 0; i < nfds; i++) { _lock_acquire_recursive(&s_events[i].lock); if (s_events[i].fd == i && (FD_ISSET(i, readfds) || FD_ISSET(i, writefds) || FD_ISSET(i, exceptfds))) { + event_select_args_t *event_select_args = + (event_select_args_t *)malloc(sizeof(event_select_args_t)); + if (!event_select_args) { + _lock_release_recursive(&s_events[i].lock); + return ESP_ERR_NO_MEM; + } if (s_events[i].support_isr) { portENTER_CRITICAL(&s_events[i].data_spin_lock); } - event_select_args_t *event_select_args = - (event_select_args_t *)malloc(sizeof(event_select_args_t)); event_select_args->fd = i; event_select_args->signal_sem = signal_sem; From 7e7bd3f5a5e0695a3e76d4e9550beab13d17ef39 Mon Sep 17 00:00:00 2001 From: Alexey Lapshin Date: Thu, 6 Jun 2024 15:20:06 +0700 Subject: [PATCH 3/4] fix(wpa_supplicant): fix warnings found by GNU static analyzer --- components/wpa_supplicant/src/ap/ieee802_1x.c | 2 ++ components/wpa_supplicant/src/common/ieee802_11_common.c | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/components/wpa_supplicant/src/ap/ieee802_1x.c b/components/wpa_supplicant/src/ap/ieee802_1x.c index 5e3c078baf..eb623cecab 100644 --- a/components/wpa_supplicant/src/ap/ieee802_1x.c +++ b/components/wpa_supplicant/src/ap/ieee802_1x.c @@ -433,6 +433,8 @@ int ieee802_1x_init(struct hostapd_data *hapd) os_memset(&conf, 0, sizeof(conf)); eap_cfg = os_zalloc(sizeof(struct eap_config)); + if (!eap_cfg) + return -1; eap_cfg->max_auth_rounds = 100; eap_cfg->max_auth_rounds_short = 50; //eap_cfg->backend_auth = 1; diff --git a/components/wpa_supplicant/src/common/ieee802_11_common.c b/components/wpa_supplicant/src/common/ieee802_11_common.c index ed44d3532e..61a753f442 100644 --- a/components/wpa_supplicant/src/common/ieee802_11_common.c +++ b/components/wpa_supplicant/src/common/ieee802_11_common.c @@ -202,6 +202,10 @@ static int ieee802_11_parse_vendor_specific(struct wpa_supplicant *wpa_s, const case SAE_PK_OUI_TYPE: wpa_s->sae_pk_elems.sae_pk_len = elem->datalen - 4; wpa_s->sae_pk_elems.sae_pk = (u8*)os_zalloc(sizeof(u8)*(elem->datalen-4)); + if (!wpa_s->sae_pk_elems.sae_pk) { + wpa_printf(MSG_EXCESSIVE, "Can not allocate memory for sae_pk"); + return -1; + } os_memcpy(wpa_s->sae_pk_elems.sae_pk, pos+4, elem->datalen-4); break; default: From 488a413cd2c3fb3be0a25a8dbad62fce6d2b32da Mon Sep 17 00:00:00 2001 From: Alexey Lapshin Date: Tue, 18 Jun 2024 00:17:15 +0700 Subject: [PATCH 4/4] fix(usb): fix warnings found by GNU static analyzer --- components/usb/hcd_dwc.c | 5 ++++- components/usb/usb_phy.c | 6 ++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/components/usb/hcd_dwc.c b/components/usb/hcd_dwc.c index 3e5c77e8d1..dc3833cb19 100644 --- a/components/usb/hcd_dwc.c +++ b/components/usb/hcd_dwc.c @@ -1431,8 +1431,11 @@ static dma_buffer_block_t *buffer_block_alloc(usb_transfer_type_t type) break; } dma_buffer_block_t *buffer = calloc(1, sizeof(dma_buffer_block_t)); + if (buffer == NULL) { + return NULL; + } void *xfer_desc_list = heap_caps_aligned_calloc(USB_DWC_QTD_LIST_MEM_ALIGN, desc_list_len, sizeof(usb_dwc_ll_dma_qtd_t), MALLOC_CAP_DMA); - if (buffer == NULL || xfer_desc_list == NULL) { + if (xfer_desc_list == NULL) { free(buffer); heap_caps_free(xfer_desc_list); return NULL; diff --git a/components/usb/usb_phy.c b/components/usb/usb_phy.c index bd07287a3c..98aa8705c3 100644 --- a/components/usb/usb_phy.c +++ b/components/usb/usb_phy.c @@ -332,8 +332,10 @@ esp_err_t usb_new_phy(const usb_phy_config_t *config, usb_phy_handle_t *handle_r return ESP_OK; cleanup: - free(phy_context->iopins); - free(phy_context); + if (phy_context) { + free(phy_context->iopins); + free(phy_context); + } if (p_phy_ctrl_obj->ref_count == 0) { free(p_phy_ctrl_obj); p_phy_ctrl_obj = NULL;