Skip to content

Commit

Permalink
Merge branch 'contrib/github_pr_9529_v4.3' into 'release/v4.3'
Browse files Browse the repository at this point in the history 
component_bt: Fixed memory leak due to not freeing memory if posting a message to a thread fails(v4.3)

See merge request espressif/esp-idf!21473
  • Loading branch information
@jack0c
jack0c committed Dec 8, 2022
2 parents 05c497e + 84e400c commit df901e0
Show file tree
Hide file tree
Showing 65 changed files with 611 additions and 498 deletions.
15 changes: 9 additions & 6 deletions components/bt/common/api/esp_blufi_api.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ esp_err_t esp_blufi_send_wifi_conn_report(wifi_mode_t opmode, esp_blufi_sta_conn
arg.wifi_conn_report.softap_conn_num = softap_conn_num;
arg.wifi_conn_report.extra_info = extra_info;

return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy,
btc_blufi_call_deep_free) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

esp_err_t esp_blufi_send_wifi_list(uint16_t apCount, esp_blufi_ap_record_t *list)
Expand All @@ -62,7 +63,8 @@ esp_err_t esp_blufi_send_wifi_list(uint16_t apCount, esp_blufi_ap_record_t *list
arg.wifi_list.apCount = apCount;
arg.wifi_list.list = list;

return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy,
btc_blufi_call_deep_free) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

esp_err_t esp_blufi_profile_init(void)
Expand All @@ -75,7 +77,7 @@ esp_err_t esp_blufi_profile_init(void)
msg.pid = BTC_PID_BLUFI;
msg.act = BTC_BLUFI_ACT_INIT;

return (btc_transfer_context(&msg, NULL, 0, NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, NULL, 0, NULL, NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

esp_err_t esp_blufi_profile_deinit(void)
Expand All @@ -88,7 +90,7 @@ esp_err_t esp_blufi_profile_deinit(void)
msg.pid = BTC_PID_BLUFI;
msg.act = BTC_BLUFI_ACT_DEINIT;

return (btc_transfer_context(&msg, NULL, 0, NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, NULL, 0, NULL, NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

uint16_t esp_blufi_get_version(void)
Expand All @@ -108,7 +110,7 @@ esp_err_t esp_blufi_send_error_info(esp_blufi_error_state_t state)
msg.act = BTC_BLUFI_ACT_SEND_ERR_INFO;
arg.blufi_err_infor.state = state;

return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), NULL, NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

esp_err_t esp_blufi_send_custom_data(uint8_t *data, uint32_t data_len)
Expand All @@ -126,6 +128,7 @@ esp_err_t esp_blufi_send_custom_data(uint8_t *data, uint32_t data_len)
arg.custom_data.data = data;
arg.custom_data.data_len = data_len;

return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
return (btc_transfer_context(&msg, &arg, sizeof(btc_blufi_args_t), btc_blufi_call_deep_copy,
btc_blufi_call_deep_free) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}
#endif ///BLUFI_INCLUDED == TRUE
33 changes: 16 additions & 17 deletions components/bt/common/btc/core/btc_task.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,9 +194,6 @@ static void btc_thread_handler(void *arg)
break;
}

if (msg->arg) {
osi_free(msg->arg);
}
osi_free(msg);
}

Expand All @@ -215,59 +212,61 @@ static bt_status_t btc_task_post(btc_msg_t *msg, uint32_t timeout)
* @param arg paramter
* @param arg_len length of paramter
* @param copy_func deep copy function
* @param free_func deep free function
* @return BT_STATUS_SUCCESS: success
* others: fail
*/
bt_status_t btc_transfer_context(btc_msg_t *msg, void *arg, int arg_len, btc_arg_deep_copy_t copy_func)
bt_status_t btc_transfer_context(btc_msg_t *msg, void *arg, int arg_len, btc_arg_deep_copy_t copy_func,
btc_arg_deep_free_t free_func)
{
btc_msg_t* lmsg;

bt_status_t ret;
// arg XOR arg_len
if ((msg == NULL) || ((arg == NULL) == !(arg_len == 0))) {
BTC_TRACE_WARNING("%s Invalid parameters\n", __func__);
return BT_STATUS_PARM_INVALID;
}

BTC_TRACE_DEBUG("%s msg %u %u %u %p\n", __func__, msg->sig, msg->pid, msg->act, arg);

lmsg = (btc_msg_t *)osi_malloc(sizeof(btc_msg_t));
lmsg = (btc_msg_t *)osi_malloc(sizeof(btc_msg_t) + arg_len);
if (lmsg == NULL) {
BTC_TRACE_WARNING("%s No memory\n", __func__);
return BT_STATUS_NOMEM;
}

memcpy(lmsg, msg, sizeof(btc_msg_t));
if (arg) {
lmsg->arg = (void *)osi_malloc(arg_len);
if (lmsg->arg == NULL) {
osi_free(lmsg);
return BT_STATUS_NOMEM;
}
memset(lmsg->arg, 0x00, arg_len); //important, avoid arg which have no length
memcpy(lmsg->arg, arg, arg_len);
if (copy_func) {
copy_func(lmsg, lmsg->arg, arg);
}
} else {
lmsg->arg = NULL;
}

return btc_task_post(lmsg, OSI_THREAD_MAX_TIMEOUT);
ret = btc_task_post(lmsg, OSI_THREAD_MAX_TIMEOUT);
if (ret != BT_STATUS_SUCCESS) {
if (copy_func && free_func) {
free_func(lmsg);
}
osi_free(lmsg);
}

return ret;
}

/**
* transfer an message to another module in tha same task.
* @param msg message
* @param arg paramter
* @return BT_STATUS_SUCCESS: success
* others: fail
*/
bt_status_t btc_inter_profile_call(btc_msg_t *msg, void *arg)
bt_status_t btc_inter_profile_call(btc_msg_t *msg)
{
if (msg == NULL) {
return BT_STATUS_PARM_INVALID;
}

msg->arg = arg;
switch (msg->sig) {
case BTC_SIG_API_CALL:
profile_tab[msg->pid].btc_call(msg);
Expand Down
10 changes: 6 additions & 4 deletions components/bt/common/btc/include/btc/btc_task.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ typedef struct btc_msg {
uint8_t aid; //application id
uint8_t pid; //profile id
uint8_t act; //profile action, defined in seprerate header files
void *arg; //param for btc function or function param
UINT8 arg[0]; //param for btc function or function param
} btc_msg_t;

typedef struct btc_adv_packet {
Expand Down Expand Up @@ -98,26 +98,28 @@ typedef struct {
} btc_func_t;

typedef void (* btc_arg_deep_copy_t)(btc_msg_t *msg, void *dst, void *src);
typedef void (* btc_arg_deep_free_t)(btc_msg_t *msg);

/**
* transfer an message to another module in the different task.
* @param msg message
* @param arg paramter
* @param arg_len length of paramter
* @param copy_func deep copy function
* @param free_func deep free function
* @return BT_STATUS_SUCCESS: success
* others: fail
*/
bt_status_t btc_transfer_context(btc_msg_t *msg, void *arg, int arg_len, btc_arg_deep_copy_t copy_func);
bt_status_t btc_transfer_context(btc_msg_t *msg, void *arg, int arg_len, btc_arg_deep_copy_t copy_func,
btc_arg_deep_free_t free_func);

/**
* transfer an message to another module in tha same task.
* @param msg message
* @param arg paramter
* @return BT_STATUS_SUCCESS: success
* others: fail
*/
bt_status_t btc_inter_profile_call(btc_msg_t *msg, void *arg);
bt_status_t btc_inter_profile_call(btc_msg_t *msg);

bt_status_t btc_init(void);
void btc_deinit(void);
Expand Down
10 changes: 5 additions & 5 deletions components/bt/common/btc/profile/esp/blufi/bluedroid_host/esp_blufi.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ static void blufi_profile_cb(tBTA_GATTS_EVT event, tBTA_GATTS *p_data)
msg.act = ESP_BLUFI_EVENT_DEINIT_FINISH;
param.deinit_finish.state = ESP_BLUFI_DEINIT_OK;

btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL, NULL);

break;
}
Expand Down Expand Up @@ -283,7 +283,7 @@ static void blufi_profile_cb(tBTA_GATTS_EVT event, tBTA_GATTS *p_data)
msg.act = ESP_BLUFI_EVENT_INIT_FINISH;
param.init_finish.state = ESP_BLUFI_INIT_OK;

btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL, NULL);
break;
}
case BTA_GATTS_CONNECT_EVT: {
Expand All @@ -307,7 +307,7 @@ static void blufi_profile_cb(tBTA_GATTS_EVT event, tBTA_GATTS *p_data)
param.connect.conn_id = BTC_GATT_GET_CONN_ID(p_data->conn.conn_id);
conn_id = param.connect.conn_id;
server_if = p_data->conn.server_if;
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL, NULL);
break;
}
case BTA_GATTS_DISCONNECT_EVT: {
Expand Down Expand Up @@ -335,7 +335,7 @@ static void blufi_profile_cb(tBTA_GATTS_EVT event, tBTA_GATTS *p_data)
msg.pid = BTC_PID_BLUFI;
msg.act = ESP_BLUFI_EVENT_BLE_DISCONNECT;
memcpy(param.disconnect.remote_bda, p_data->conn.remote_bda, ESP_BLUFI_BD_ADDR_LEN);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL, NULL);
break;
}
case BTA_GATTS_OPEN_EVT:
Expand Down Expand Up @@ -410,7 +410,7 @@ esp_err_t esp_blufi_close(esp_gatt_if_t gatts_if, uint16_t conn_id)
msg.pid = BTC_PID_GATTS;
msg.act = BTC_GATTS_ACT_CLOSE;
arg.close.conn_id = BTC_GATT_CREATE_CONN_ID(gatts_if, conn_id);
return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gatts_args_t), NULL)
return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gatts_args_t), NULL, NULL)
== BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
}

Expand Down
2 changes: 1 addition & 1 deletion components/bt/common/btc/profile/esp/blufi/blufi_prf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ void btc_blufi_report_error(esp_blufi_error_state_t state)
msg.act = ESP_BLUFI_EVENT_REPORT_ERROR;
esp_blufi_cb_param_t param;
param.report_error.state = state;
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL);
btc_transfer_context(&msg, &param, sizeof(esp_blufi_cb_param_t), NULL, NULL);
}

void btc_blufi_recv_handler(uint8_t *data, int len)
Expand Down
Loading

0 comments on commit df901e0

Please sign in to comment.