Make sure allocation occures before dereferencing a pointer.

Allocation could cause heap resize => invalidates all pointer dereferences.

Make sure allocation occures before dereferencing a pointer.
Allocation could cause heap resize => invalidates all pointer dereferences.
e42b6058 · Wesley W. Terpstra · ecc12a30 · e42b6058 · e42b6058 · e42b6058
Commit e42b6058 authored 13 years ago by Wesley W. Terpstra
--- a/api/v2/glue/cycle.c
+++ b/api/v2/glue/cycle.c
@@ -140,14 +140,9 @@ static struct eb_operation* eb_cycle_doop(eb_cycle_t cyclep) {
  struct eb_operation* op;
  static struct eb_operation crap;
  
+  opp = eb_new_operation();
  cycle = EB_CYCLE(cyclep);
  
-  if (cycle->dead == cyclep) {
-    /* Already ran OOM on this cycle */
-    return &crap;
-  }
-  
-  opp = eb_new_operation();
  if (opp == EB_NULL) {
    /* Record out-of-memory with a self-pointer */
    eb_cycle_destroy(cyclep);
@@ -155,6 +150,12 @@ static struct eb_operation* eb_cycle_doop(eb_cycle_t cyclep) {
    return &crap;
  }
  
+  if (cycle->dead == cyclep) {
+    eb_free_operation(opp);
+    /* Already ran OOM on this cycle */
+    return &crap;
+  }
+  
  op = EB_OPERATION(opp);
  
  op->next = cycle->first;

--- a/api/v2/glue/device.c
+++ b/api/v2/glue/device.c
@@ -45,15 +45,6 @@ eb_status_t eb_device_open(eb_socket_t socketp, const char* address, eb_width_t
  struct eb_socket_aux* aux;
  eb_status_t status;
  
-  socket = EB_SOCKET(socketp);
-  aux = EB_SOCKET_AUX(socket->aux);
-  
-  proposed_widths &= socket->widths;
-  if (eb_width_possible(proposed_widths) == 0) {
-    *result = EB_NULL;
-    return EB_WIDTH;
-  }
-  
  devicep = eb_new_device();
  if (devicep == EB_NULL) {
    *result = EB_NULL;
@@ -67,6 +58,17 @@ eb_status_t eb_device_open(eb_socket_t socketp, const char* address, eb_width_t
    return EB_OOM;
  }
  
+  socket = EB_SOCKET(socketp);
+  aux = EB_SOCKET_AUX(socket->aux);
+  
+  proposed_widths &= socket->widths;
+  if (eb_width_possible(proposed_widths) == 0) {
+    eb_free_link(linkp);
+    eb_free_device(devicep);
+    *result = EB_NULL;
+    return EB_WIDTH;
+  }
+  
  device = EB_DEVICE(devicep);
  device->socket = socketp;
  device->ready = EB_NULL;

--- a/api/v2/glue/socket.c
+++ b/api/v2/glue/socket.c
@@ -54,7 +54,7 @@ const char* eb_status(eb_status_t code) {
 eb_status_t eb_socket_open(int port, eb_width_t supported_widths, eb_socket_t* result) {
  eb_socket_t socketp;
  eb_socket_aux_t auxp;
-  eb_transport_t transportp;
+  eb_transport_t transportp, first_transport;
  struct eb_transport* transport;
  struct eb_socket* socket;
  struct eb_socket_aux* aux;
@@ -86,19 +86,8 @@ eb_status_t eb_socket_open(int port, eb_width_t supported_widths, eb_socket_t* r
    return EB_OOM;
  }
  
-  socket = EB_SOCKET(socketp);
-  socket->first_device = EB_NULL;
-  socket->first_handler = EB_NULL;
-  socket->first_response = EB_NULL;
-  socket->last_response = EB_NULL;
-  socket->widths = supported_widths;
-  socket->aux = auxp;
-  
-  aux = EB_SOCKET_AUX(auxp);
-  aux->time_cache = 0;
-  aux->rba = 0x8000;
-  aux->first_transport = EB_NULL;
-  
+  /* Allocate the transports */
+  first_transport = EB_NULL;
  for (link_type = 0; link_type != eb_transport_size; ++link_type) {
    transportp = eb_new_transport();
    
@@ -120,11 +109,26 @@ eb_status_t eb_socket_open(int port, eb_width_t supported_widths, eb_socket_t* r
    /* Stop if some other problem */
    if (status != EB_OK) break;
    
-    transport->next = aux->first_transport;
+    transport->next = first_transport;
    transport->link_type = link_type;
-    aux->first_transport = transportp;
+    first_transport = transportp;
  }
  
+  /* Allocation is finished, dereference the pointers */
+  
+  socket = EB_SOCKET(socketp);
+  socket->first_device = EB_NULL;
+  socket->first_handler = EB_NULL;
+  socket->first_response = EB_NULL;
+  socket->last_response = EB_NULL;
+  socket->widths = supported_widths;
+  socket->aux = auxp;
+  
+  aux = EB_SOCKET_AUX(auxp);
+  aux->time_cache = 0;
+  aux->rba = 0x8000;
+  aux->first_transport = first_transport;
+  
  if (link_type != eb_transport_size) {
    eb_socket_close(socketp);
    return status;
@@ -214,15 +218,6 @@ eb_status_t eb_socket_attach(eb_socket_t socketp, eb_handler_t handler) {
  struct eb_handler_address* address;
  struct eb_handler_callback* callback;
  
-  socket = EB_SOCKET(socketp);
-  
-  /* See if it overlaps other devices */
-  for (i = socket->first_handler; i != EB_NULL; i = address->next) {
-    address = EB_HANDLER_ADDRESS(i);
-    if (((address->base ^ handler->base) & ~(address->mask | handler->mask)) == 0)
-      return EB_ADDRESS;
-  }
-  
  /* Get memory */
  addressp = eb_new_handler_address();
  if (addressp == EB_NULL)
@@ -234,6 +229,18 @@ eb_status_t eb_socket_attach(eb_socket_t socketp, eb_handler_t handler) {
    return EB_OOM;
  }
  
+  socket = EB_SOCKET(socketp);
+  
+  /* See if it overlaps other devices */
+  for (i = socket->first_handler; i != EB_NULL; i = address->next) {
+    address = EB_HANDLER_ADDRESS(i);
+    if (((address->base ^ handler->base) & ~(address->mask | handler->mask)) == 0) {
+      eb_free_handler_callback(callbackp);
+      eb_free_handler_address(addressp);
+      return EB_ADDRESS;
+    }
+  }
+  
  /* Insert the new virtual device */
  address = EB_HANDLER_ADDRESS(addressp);
  callback = EB_HANDLER_CALLBACK(callbackp);