fix(freertos): Limit idle task name length copy operation and ensure null-termination of the idle task name string #1203
Conversation
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
3 times, most recently
from
fdaaa9e to
7eedbf7
Compare
There was a problem hiding this comment.
Doing this means you no longer need the logic within the for loop that limits how many characters are copied into the buffer. you might as well remove that logic as well. Also, since you are already using strlen why not just replace all of this code with strncpy? https://cplusplus.com/reference/cstring/strncpy/ with n set to to the max length?
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
from
7eedbf7 to
d2accc9
Compare
|
@jasonpcarroll I've removed the On a second note, just discovered that there is a potential problem in handling the null-termination of the I've updated the logic to use strncat instead. |
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
from
d2accc9 to
d847f2c
Compare
@jasonpcarroll Looks like I would need an additional review on SonarQube for using |
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
3 times, most recently
from
910d17a to
b17ebab
Compare
|
@jasonpcarroll Could you let me know if this PR is reviewable as is or do I need to make some changes for the checks to pass. Thanks. |
|
We try to avoid |
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
from
4b8401c to
89d32c9
Compare
|
Thanks for the inputs @aggarg! I've incorporated your suggestions but since it did not address the out-of-bound mem copy operation warnings flagged by static code analyzers, I have added a fix for it as well. PTAL. Thanks. |
sudeep-mohanty
changed the title
…rmination This commit: - Limits the idle task name length copy operation to prevent Out-of-bounds memory access warnings from static code analyzers. - Fixes a bug where in the idle task name could be non null-terminated string for SMP configuration. Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
sudeep-mohanty
force-pushed
the
fix/idle_task_name_len
branch
from
89d32c9 to
47d9407
Compare
|
Updated corresponding unit test in FreeRTOS PR #1314. |
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
PR Link - FreeRTOS/FreeRTOS-Kernel#1203. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
This allows using pointer to string for configIDLE_TASK_NAME. Coverage tests do that. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Fix coverage tests for Kernel PR 1203 PR Link - FreeRTOS/FreeRTOS-Kernel#1203. Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
|
This PR:
- Limits the idle task name length copy operation to prevent Out-of-bounds memory access warnings from static code analyzers.
- Fixes a bug where in the idle task name could be non null-terminated string for SMP configuration.
Description
prvCreateIdleTasks(), we have the operation -configIDLE_TASK_NAMEas an array of 5 bytes (I, D, L, E, \0) but the loop running forconfigMAX_TASK_NAME_LENiterations which could be more than 5.\0character is present in theconfigIDLE_TASK_NAMEarray and hence can not predict that the loop will break before an Out-of-bounds memory access is made.configIDLE_TASK_NAMEorconfigMAX_TASK_NAME_LEN. This ensures that the copy operation runs for exactly the required number of iterations to copy the idle task name, 5 by default.IDLEtask name ifstrlen(configIDLE_TASK_NAME) = configMAX_TASK_NAME_LEN - 1when SMP configuration is enabled. The current code would append the core ID to the task name and in the process overwrites the null terminator. It then exists the loop as there is no more space to add a null terminator.Test Steps
tasks.con a tool like Coverity.Checklist:
Related Issue
None
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.