From d5263778065e62a4a20f3af236f6dde7bbb3afc4 Mon Sep 17 00:00:00 2001 From: Amlal El Mahrouss Date: Tue, 13 Jan 2026 03:31:25 +0100 Subject: chore: kernel: hotpatch: BitMap `FreeBitMap` bug fix. Reasons: - This commit enforces BitMapMagIdx check when freeing a so-called heap allocated pointer. - This will prevent many heap corruption issues down the line. Signed-off-by: Amlal El Mahrouss --- src/kernel/KernelKit/TraceSrv.h | 2 +- src/kernel/NeKit/Atom.h | 2 +- src/kernel/NeKit/Function.h | 2 +- src/kernel/src/BitMapMgr.cc | 4 +++- 4 files changed, 6 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/kernel/KernelKit/TraceSrv.h b/src/kernel/KernelKit/TraceSrv.h index 1118e0d9..3294d9be 100644 --- a/src/kernel/KernelKit/TraceSrv.h +++ b/src/kernel/KernelKit/TraceSrv.h @@ -19,7 +19,7 @@ namespace TraceSrv { inline constexpr auto kDebugDelim = ';'; inline constexpr auto kDebugEnd = '\r'; -} // namespace Detail +} // namespace TraceSrv } // namespace Kernel diff --git a/src/kernel/NeKit/Atom.h b/src/kernel/NeKit/Atom.h index 3dedea32..17f26bcf 100644 --- a/src/kernel/NeKit/Atom.h +++ b/src/kernel/NeKit/Atom.h @@ -24,7 +24,7 @@ class Atom final { const TypeAtomic& operator[](const SizeT& bit) { return (fArrayOfAtoms & (1 << bit)); } - void operator|(const SizeT& bit) { fArrayOfAtoms |= (1 << bit); } + void operator|(const SizeT& bit) { fArrayOfAtoms |= (1 << bit); } Atom& operator|=(const SizeT& bit) { this->operator|(bit); diff --git a/src/kernel/NeKit/Function.h b/src/kernel/NeKit/Function.h index 77d9aa23..c26c4ea0 100644 --- a/src/kernel/NeKit/Function.h +++ b/src/kernel/NeKit/Function.h @@ -17,7 +17,7 @@ class Function final { Function() = delete; Function(nullPtr) = delete; - ~Function() = default; + ~Function() = default; Function(T (*Fn)(Args... args)) : fFn(Fn) { MUST_PASS(fFn); } Function& operator=(const Function&) = delete; diff --git a/src/kernel/src/BitMapMgr.cc b/src/kernel/src/BitMapMgr.cc index 5cae02c1..d15b2a75 100644 
--- a/src/kernel/src/BitMapMgr.cc +++ b/src/kernel/src/BitMapMgr.cc @@ -47,9 +47,11 @@ namespace HAL { UIntPtr* ptr_bit_set = reinterpret_cast(page_ptr); + if (ptr_bit_set[kBitMapMagIdx] != kBitMapMagic) return No; + kBitMapCursor += ptr_bit_set[kBitMapSizeIdx]; - ptr_bit_set[kBitMapMagIdx] = kBitMapMagic; + ptr_bit_set[kBitMapMagIdx] = 0UL; ptr_bit_set[kBitMapUsedIdx] = No; this->GetBitMapStatus(ptr_bit_set); -- cgit v1.2.3
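Review bot: The new guard `if (ptr_bit_set[kBitMapMagIdx] != kBitMapMagic) return No;` rejects a bad free silently, so a double free or a pointer that was never a bitmap header leaves no record for whoever has to trace the corruption later. Because this commit also zeroes the magic on free, a mismatch at this point is a dependable corruption signal; it deserves a log or trace record before the return, and a comment such as `// magic is cleared on free: a mismatch means a double free or a foreign pointer`. The check only proves that one header word holds a fixed constant, and `ptr_bit_set[kBitMapSizeIdx]` is still added to `kBitMapCursor` without validation, so a bound check on that size would be worth adding unless one is done earlier. The enclosing function starts and ends outside this hunk, so a null or range check on `page_ptr` may already exist above the visible lines.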