CFSTORE - Fix crashed due to uninit data

c1728p9 · c1728p9 · commit 9368766cb095 · 2016-10-19T17:24:08.000-05:00
When the config store is powered down area_0_head is freed, but
area_0_len is not set to 0. This causes when cfstore_realloc_ex is
called, since on the first allocation it appears that the config store
size is decreasing, and therefore the data is not initialized.

Since the data is uninitiated various fields such as the reference
can have invalid values. On GCC_ARM built with heap stats enabled
this manifests as a crash due to an invalid reference count.

This patch fixes this problem by setting area_0_len to 0 when the data
is freed.
diff --git a/features/storage/FEATURE_STORAGE/cfstore/source/configuration_store.c b/features/storage/FEATURE_STORAGE/cfstore/source/configuration_store.c
@@ -4045,6 +4045,7 @@ static int32_t cfstore_uninitialise(void)
             CFSTORE_FREE(ctx->area_0_head);
             ctx->area_0_head = NULL;
             ctx->area_0_tail = NULL;
+            ctx->area_0_len = 0;
         }
     }
 out:

Original file line number	Diff line number	Diff line change
`@@ -4045,6 +4045,7 @@ static int32_t cfstore_uninitialise(void)`
`4045`	`4045`	`CFSTORE_FREE(ctx->area_0_head);`
`4046`	`4046`	`ctx->area_0_head = NULL;`
`4047`	`4047`	`ctx->area_0_tail = NULL;`
	`4048`	`+ ctx->area_0_len = 0;`
`4048`	`4049`	`}`
`4049`	`4050`	`}`
`4050`	`4051`	`out:`