@@ -177,9 +177,7 @@ void NVStore::set_max_keys(uint16_t num_keys)
177177{
178178 uint16_t key = 0 , old_max_keys = 0 ;
179179
180- MBED_ASSERT (num_keys < get_max_possible_keys ());
181-
182- if (num_keys < NVSTORE_NUM_PREDEFINED_KEYS) {
180+ if (num_keys < NVSTORE_NUM_PREDEFINED_KEYS || num_keys >= get_max_possible_keys ()) {
183181 return ;
184182 }
185183
@@ -196,6 +194,7 @@ void NVStore::set_max_keys(uint16_t num_keys)
196194 if (num_keys < _max_keys) {
197195 for (key = num_keys; key < _max_keys; key++) {
198196 if (_offset_by_key[key] != 0 ) {
197+ _mutex->unlock ();
199198 return ;
200199 }
201200 }
@@ -212,7 +211,12 @@ void NVStore::set_max_keys(uint16_t num_keys)
212211 // Reallocate _offset_by_key with new size
213212 uint32_t *old_offset_by_key = (uint32_t *) _offset_by_key;
214213 uint32_t *new_offset_by_key = new uint32_t [_max_keys];
214+
215215 MBED_ASSERT (new_offset_by_key);
216+ if (!new_offset_by_key) {
217+ _mutex->unlock ();
218+ return ;
219+ }
216220
217221 // Copy old content to new table
218222 memset (new_offset_by_key, 0 , sizeof (uint32_t ) * _max_keys);
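Review bot: The new allocation-failure branch at `if (!new_offset_by_key)` returns with `_max_keys` already holding the new key count (the array is sized by it, and `old_max_keys` is captured in this function's first hunk for exactly that reason) while `_offset_by_key` still points at the old, smaller table, so a later `_offset_by_key[key]` for a key at or beyond the old count would read or write past the heap block; restore the count before bailing out, `_max_keys = old_max_keys;` ahead of the `_mutex->unlock(); return;`. That `_max_keys` is assigned before this point is inferred from the "Reallocate with new size" comment and the `new uint32_t[_max_keys]` size rather than visible in the hunk. Plain `new` in standard C++ throws rather than returning null, so the check only does anything if the platform's `operator new` is a non-throwing variant, and the `MBED_ASSERT(new_offset_by_key)` kept one line above fires first in debug builds, so one of the two is redundant. set_max_keys starts and ends outside this hunk.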
@@ -249,6 +253,10 @@ void NVStore::calc_validate_area_params()
249253 size_t flash_addr;
250254 size_t sector_size;
251255
256+ if (flash_size == 0 ) {
257+ return ;
258+ }
259+
252260 int area = 0 ;
253261 size_t left_size = flash_size;
254262
@@ -293,7 +301,6 @@ void NVStore::calc_validate_area_params()
293301 _flash_area_params[0 ].size = 0 ;
294302 _flash_area_params[1 ].size = 0 ;
295303 while (area >= 0 ) {
296- MBED_ASSERT (flash_addr > flash_start_addr);
297304 sector_size = _flash->get_sector_size (flash_addr - 1 );
298305 flash_addr -= sector_size;
299306 _flash_area_params[area].size += sector_size;
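Review bot: `MBED_ASSERT(flash_addr > flash_start_addr)` is removed at the top of the `while (area >= 0)` loop with no runtime replacement, unlike every other assert this commit converts, so a sector walk that reaches or passes `flash_start_addr` goes on to call `_flash->get_sector_size(flash_addr - 1)` with an address below the flash region, and since `flash_addr` and `sector_size` are `size_t` the `flash_addr -= sector_size` step can wrap instead of failing. Keep the condition as a check that stops the walk, e.g. `if (flash_addr <= flash_start_addr) { break; }`, followed by whatever marks the area parameters invalid, in the spirit of the `flash_size == 0` early return added in the previous hunk. What the loop does after a break, and the rest of calc_validate_area_params, are outside this hunk, so the exact recovery has to be placed there.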
@@ -827,8 +834,9 @@ int NVStore::init()
827834 // Check if we are on internal memory && try to set the internal memory for TDBStore use.
828835 ret = avoid_conflict_nvstore_tdbstore (NVSTORE);
829836 // NVstore in internal memory can not be initialize when TDBStore is in use
830- MBED_ASSERT (ret != MBED_ERROR_ALREADY_INITIALIZED);
831-
837+ if (ret == MBED_ERROR_ALREADY_INITIALIZED) {
838+ return ret;
839+ }
832840
833841 // This handles the case that init function is called by more than one thread concurrently.
834842 // Only the one who gets the value of 1 in _init_attempts_val will proceed, while others will
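Review bot: The `return ret;` after `avoid_conflict_nvstore_tdbstore` is taken before the `_init_attempts_val` handshake described on the next lines, but the returns added in the later init() hunks (the `NVSTORE_OS_ERROR` returns after `new PlatformMutex`, `new mbed::FlashIAP` and `new uint8_t[...]`, and the `return ret;` after calc_empty_space, read_record, flash_erase_area and write_master_record) come after this thread has claimed initialisation and never set `_init_done`, so if the waiting path is as the comment describes, concurrent callers and any later retry of init() would wait indefinitely. Those paths also drop `_mutex`, `_flash` (after `_flash->init()`) and `_page_buf` without releasing them. A single failure exit that frees what was allocated and either resets `_init_attempts_val` or records the error for waiters would make the early returns safe; the handshake and the rest of init() are outside this hunk. Returning the raw `MBED_ERROR_ALREADY_INITIALIZED` value also mixes an mbed error code into a function whose other exits use `NVSTORE_*` codes, which callers comparing against those may not expect; `NVSTORE_OS_ERROR` or a similar `NVSTORE_*` code would be consistent. Plain `new` throws rather than returning null in standard C++, so the `if (!_mutex)`-style checks only take effect if the platform supplies a non-throwing operator new.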
@@ -842,17 +850,23 @@ int NVStore::init()
842850 }
843851
844852 _mutex = new PlatformMutex;
845- MBED_ASSERT (_mutex);
853+ if (!_mutex) {
854+ return NVSTORE_OS_ERROR;
855+ }
846856
847857 _size = (uint32_t ) -1 ;
848858 _flash = new mbed::FlashIAP;
849- MBED_ASSERT (_flash);
859+ if (!_flash) {
860+ return NVSTORE_OS_ERROR;
861+ }
850862 _flash->init ();
851863
852864 _min_prog_size = std::max (_flash->get_page_size (), (uint32_t )sizeof (nvstore_record_header_t ));
853865 if (_min_prog_size > sizeof (nvstore_record_header_t )) {
854866 _page_buf = new uint8_t [_min_prog_size];
855- MBED_ASSERT (_page_buf);
867+ if (!_page_buf) {
868+ return NVSTORE_OS_ERROR;
869+ }
856870 }
857871
858872 calc_validate_area_params ();
@@ -869,7 +883,9 @@ int NVStore::init()
869883 // Find start of empty space at the end of the area. This serves for both
870884 // knowing whether the area is empty and for the record traversal at the end.
871885 ret = calc_empty_space (area, free_space_offset_of_area[area]);
872- MBED_ASSERT (!ret);
886+ if (ret) {
887+ return ret;
888+ }
873889
874890 if (!free_space_offset_of_area[area]) {
875891 area_state[area] = NVSTORE_AREA_STATE_EMPTY;
@@ -881,7 +897,9 @@ int NVStore::init()
881897 ret = read_record (area, 0 , sizeof (master_rec), &master_rec,
882898 actual_size, 0 , valid,
883899 key, flags, owner, next_offset);
884- MBED_ASSERT ((ret == NVSTORE_SUCCESS) || (ret == NVSTORE_BUFF_TOO_SMALL));
900+ if ((ret != NVSTORE_SUCCESS) && (ret != NVSTORE_BUFF_TOO_SMALL)) {
901+ return ret;
902+ }
885903 if (ret == NVSTORE_BUFF_TOO_SMALL) {
886904 // Buf too small error means that we have a corrupt master record -
887905 // treat it as such
@@ -891,7 +909,9 @@ int NVStore::init()
891909 // We have a non valid master record, in a non-empty area. Just erase the area.
892910 if ((!valid) || (key != master_record_key)) {
893911 ret = flash_erase_area (area);
894- MBED_ASSERT (!ret);
912+ if (ret) {
913+ return ret;
914+ }
895915 area_state[area] = NVSTORE_AREA_STATE_EMPTY;
896916 continue ;
897917 }
@@ -914,7 +934,9 @@ int NVStore::init()
914934 }
915935
916936 _offset_by_key = new uint32_t [_max_keys];
917- MBED_ASSERT (_offset_by_key);
937+ if (!_offset_by_key) {
938+ return NVSTORE_OS_ERROR;
939+ }
918940
919941 for (key = 0 ; key < _max_keys; key++) {
920942 _offset_by_key[key] = 0 ;
@@ -924,7 +946,9 @@ int NVStore::init()
924946 if ((area_state[0 ] == NVSTORE_AREA_STATE_EMPTY) && (area_state[1 ] == NVSTORE_AREA_STATE_EMPTY)) {
925947 _active_area = 0 ;
926948 ret = write_master_record (_active_area, 1 , _free_space_offset);
927- MBED_ASSERT (ret == NVSTORE_SUCCESS);
949+ if (ret != NVSTORE_SUCCESS) {
950+ return ret;
951+ }
928952 _init_done = 1 ;
929953 return NVSTORE_SUCCESS;
930954 }
@@ -939,15 +963,19 @@ int NVStore::init()
939963 }
940964 _active_area_version = versions[_active_area];
941965 ret = flash_erase_area (1 - _active_area);
942- MBED_ASSERT (!ret);
966+ if (ret) {
967+ return ret;
968+ }
943969 }
944970
945971 // Traverse area until reaching the empty space at the end or until reaching a faulty record
946972 while (_free_space_offset < free_space_offset_of_area[_active_area]) {
947973 ret = read_record (_active_area, _free_space_offset, 0 , NULL ,
948974 actual_size, 1 , valid,
949975 key, flags, owner, next_offset);
950- MBED_ASSERT (ret == NVSTORE_SUCCESS);
976+ if (ret != NVSTORE_SUCCESS) {
977+ return ret;
978+ }
951979
952980 // In case we have a faulty record, this probably means that the system crashed when written.
953981 // Perform a garbage collection, to make the other area valid.