py/gc: Zero out all newly allocated memory to prevent stale pointers.

dpgeorge · dpgeorge · commit 1c0343f9d991 · 2016-04-18T15:09:34.000+01:00
diff --git a/py/gc.c b/py/gc.c
@@ -409,12 +409,12 @@ void *gc_alloc(size_t n_bytes, bool has_finaliser) {
     void *ret_ptr = (void*)(MP_STATE_MEM(gc_pool_start) + start_block * BYTES_PER_BLOCK);
     DEBUG_printf("gc_alloc(%p)\n", ret_ptr);
 
-    // zero out the additional bytes of the newly allocated blocks
+    // Zero out all the bytes of the newly allocated blocks.
     // This is needed because the blocks may have previously held pointers
     // to the heap and will not be set to something else if the caller
     // doesn't actually use the entire block.  As such they will continue
     // to point to the heap and may prevent other blocks from being reclaimed.
-    memset((byte*)ret_ptr + n_bytes, 0, (end_block - start_block + 1) * BYTES_PER_BLOCK - n_bytes);
+    memset((byte*)ret_ptr, 0, (end_block - start_block + 1) * BYTES_PER_BLOCK);
 
     #if MICROPY_ENABLE_FINALISER
     if (has_finaliser) {
@@ -620,8 +620,8 @@ void *gc_realloc(void *ptr_in, size_t n_bytes, bool allow_move) {
             ATB_FREE_TO_TAIL(bl);
         }
 
-        // zero out the additional bytes of the newly allocated blocks (see comment above in gc_alloc)
-        memset((byte*)ptr_in + n_bytes, 0, new_blocks * BYTES_PER_BLOCK - n_bytes);
+        // zero out the bytes of the newly allocated blocks (see comment above in gc_alloc)
+        memset((byte*)ptr_in + n_blocks * BYTES_PER_BLOCK, 0, (new_blocks - n_blocks) * BYTES_PER_BLOCK);
 
         #if EXTENSIVE_HEAP_PROFILING
         gc_dump_alloc_table();
diff --git a/py/malloc.c b/py/malloc.c
@@ -114,10 +114,7 @@ void *m_malloc_with_finaliser(size_t num_bytes) {
 
 void *m_malloc0(size_t num_bytes) {
     void *ptr = m_malloc(num_bytes);
-    if (ptr == NULL && num_bytes != 0) {
-        return m_malloc_fail(num_bytes);
-    }
-    memset(ptr, 0, num_bytes);
+    // memory is already cleared by gc_alloc
     return ptr;
 }
 
