Add underflow check to UNPOISON counter decrement

Make sure that extra UNPOISON calls do not cause the poisoning counter to underflow and wrap around. Memory that is unpoisoned multiple times should remain unpoisoned. Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-09-08 06:40:16 -04:00 · 2024-01-17 15:27:50 +00:00 · 2024-01-17 15:27:50 +00:00 · e7bfbc27bf
commit e7bfbc27bf
parent 1b421b1005
1 changed files with 3 additions and 1 deletions
--- a/tests/include/test/memory.h
+++ b/tests/include/test/memory.h
@ -93,7 +93,9 @@ void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size);
 #define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size)    \
    do { \
        mbedtls_test_memory_unpoison(ptr, size); \
-        mbedtls_test_memory_poisoning_count--; \
+        if (mbedtls_test_memory_poisoning_count != 0) { \
+            mbedtls_test_memory_poisoning_count--; \
+        } \
    } while (0)

 #else /* MBEDTLS_TEST_MEMORY_CAN_POISON */