[WIP] upstream nshlib add var expansion in nsh parse #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PX4BuildBot
pushed a commit
that referenced
this pull request
Jan 2, 2020
Application.mk remove _main suffix from REGLIST
PX4BuildBot
pushed a commit
that referenced
this pull request
May 8, 2021
For EINVAL, it doesn't make sense to keep parsing.
(For E2BIG, it might make some sense.)
Found by LLVM ASan.
```
=================================================================
==81622==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000000f2 at pc 0x00010d2746ca bp 0x7ffee29a9980 sp 0x7ffee29a9978
READ of size 1 at 0x6020000000f2 thread T0
#0 0x10d2746c9 in netlib_parseurl netlib_parseurl.c:121
#1 0x10d26b293 in parseurl webclient.c:479
#2 0x10d265e48 in webclient_perform webclient.c:690
#3 0x10d277c5b in main main.c:210
#4 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4)
0x6020000000f2 is located 0 bytes to the right of 2-byte region [0x6020000000f0,0x6020000000f2)
allocated by thread T0 here:
#0 0x10d3996d3 in wrap_strdup+0x203 (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x3e6d3)
#1 0x10d276abe in main main.c:147
#2 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4)
SUMMARY: AddressSanitizer: heap-buffer-overflow netlib_parseurl.c:121 in netlib_parseurl
Shadow bytes around the buggy address:
0x1c03ffffffc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03ffffffd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03ffffffe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03fffffff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c0400000000: fa fa fd fd fa fa fd fd fa fa 00 00 fa fa 00 00
=>0x1c0400000010: fa fa 00 fa fa fa 00 00 fa fa 00 06 fa fa[02]fa
0x1c0400000020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==81622==ABORTING
```
PX4BuildBot
pushed a commit
that referenced
this pull request
Oct 1, 2024
wdog.c:190:3: runtime error: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long int'
#0 0x40e35d3a in wdog_test_run /home/cuiziwei/ska/vela/vela-dev2/apps/testing/ostest/wdog.c:190
#1 0x40e35e75 in wdog_test_thread /home/cuiziwei/ska/vela/vela-dev2/apps/testing/ostest/wdog.c:207
#2 0x40773ffa in pthread_startup pthread/pthread_create.c:59
#3 0x4495e037 in pthread_start pthread/pthread_create.c:139
#4 0x40301864 in pre_start sim/sim_initialstate.c:52
Signed-off-by: cuiziwei <[email protected]>
PX4BuildBot
pushed a commit
that referenced
this pull request
Dec 1, 2024
Even though one could in theory simply set CONFIG_MBEDTLS_VERSION="3.6.2",
this commit is needed for 2 reasons:
1. The patches need to be updated: 0001 works almost as-is (with fuzz 2)
but 0002 hunk #4 fails and needed adjustment. Otherwise, the patches
are identical.
2. mbedtls_config.h needs to be updated: Following the same approach
for the Kconfig this commit updates both Kconfig and mbedtls_config.h
according to the changes:
mbedtls$ git diff v3.4.0...v3.6.2 -- include/mbedtls/mbedtls_config.h
Minor edits also to crypto/controlse to comply with v3.6.2.
Signed-off-by: George Poulios <[email protected]>
PX4BuildBot
pushed a commit
that referenced
this pull request
Dec 17, 2024
…ter was read
#0 0x43c7443a in strnlen nuttx/libs/libc/string/lib_strnlen.c:42
#1 0x43c698aa in vsprintf_internal nuttx/libs/libc/stdio/lib_libvsprintf.c:933
#2 0x43c6ca80 in lib_vsprintf nuttx/libs/libc/stdio/lib_libvsprintf.c:1383
#3 0x4409c0bd in vsnprintf nuttx/libs/libc/stdio/lib_vsnprintf.c:72
#4 0x47137cd0 in vcmocka_print_error apps/testing/cmocka/cmocka/src/cmocka.c:2097
#5 0x47139573 in cmocka_print_error apps/testing/cmocka/cmocka/src/cmocka.c:2422
#6 0x471376ff in string_equal_display_error apps/testing/cmocka/cmocka/src/cmocka.c:1410
#7 0x471379a0 in _assert_string_equal apps/testing/cmocka/cmocka/src/cmocka.c:1952
#8 0x4433d972 in read_default apps/testing/drivertest/drivertest_uart.c:242
#9 0x4713c6cd in cmocka_run_one_test_or_fixture apps/testing/cmocka/cmocka/src/cmocka.c:3029
#10 0x4713d487 in cmocka_run_one_tests apps/testing/cmocka/cmocka/src/cmocka.c:3143
#11 0x4713f2ca in _cmocka_run_group_tests apps/testing/cmocka/cmocka/src/cmocka.c:3294
#12 0x443444c6 in cmocka_driver_uart_main apps/testing/drivertest/drivertest_uart.c:358
#13 0x4409a472 in nxtask_startup nuttx/libs/libc/sched/task_startup.c:72
#14 0x43dc92e7 in nxtask_start nuttx/sched/task/task_start.c:116
#15 0x43e31f00 in pre_start nuttx/arch/sim/src/sim/sim_initialstate.c:52
Signed-off-by: zhangshoukui <[email protected]>
PX4BuildBot
pushed a commit
that referenced
this pull request
Jan 16, 2025
…int to a stack space
==1805058==ERROR: AddressSanitizer: heap-use-after-free on address 0xe18126a0 at pc 0x52b06320 bp 0xd7b13ee8 sp 0xd7b13ed8
READ of size 1 at 0xe18126a0 thread T0
#0 0x52b0631f in tre_parse regex/regcomp.c:1356
#1 0x52b2b1d0 in regcomp regex/regcomp.c:3710
#2 0x48f55435 in c_regexmatch cmocka/src/cmocka.c:494
#3 0x48f65bcf in _cmocka_run_group_tests cmocka/src/cmocka.c:3252
#4 0x48f67e2d in cmocka_fs_test_main apps/testing/testsuites/kernel/fs/cmocka_fs_test.c:201
#5 0x46210b2a in nxtask_startup sched/task_startup.c:72
#6 0x45ff40fb in nxtask_start task/task_start.c:116
#7 0x462695bb in pre_start sim/sim_initialstate.c:52
Signed-off-by: zhangshoukui <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'd like to get this small nsh change contributed upstream.
@davids5 could you dig up any history for why this change would have been rejected upstream and what needs to be addressed? Not urgent, but it would be nice to be fully in sync with regular NuttX apps.