esp_rom: remove functions which depend on sizeof(struct stat)

...and all their callers.

With the upcoming switch from sizeof(time_t)==4 to sizeof(time_t)==8,
sizeof(struct stat) is also increasing.

A few newlib functions present in ROM allocate 'struct stat' on the
stack and call _fstat_r on this structure. The implementation of
fstat is provided in ESP-IDF. This implementation will often do
memset(st, 0, sizeof(*st)), where st is 'struct stat*', before setting
some fields of this structure. If IDF is built with a sizeof(struct stat)
different from the one the ROM was built with, this will lead
to an out-of-bounds write and stack corruption.

This commit removes problematic ROM functions from the linker script.
Here are the functions which allocate 'struct stat':
* _isatty_r (in ROM)
* __swhatbuf_r, called by __smakebuf_r, called by __swsetup_r and
  __srefill_r (in ROM)
* _fseeko_r (not in ROM)
* glob2 (not in ROM)
* _gettemp (not in ROM)

As a result, these functions are used from libc.a, and use correct
size of 'stat' structure.

Closes https://github.com/espressif/esp-idf/issues/7980
Ivan Grokhotkov
2022-01-06 15:20:04 +01:00
parent 5d47efb72d
commit 24c20d188e
12 changed files with 103 additions and 48 deletions


@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -31,7 +31,6 @@ strncmp = 0x40000378;
strlen = 0x4000037c;
strstr = 0x40000380;
bzero = 0x40000384;
_isatty_r = 0x40000388;
sbrk = 0x4000038c;
isalnum = 0x40000390;
isalpha = 0x40000394;
@@ -90,11 +89,8 @@ PROVIDE( fflush = 0x40000464 );
PROVIDE( _fflush_r = 0x40000468 );
PROVIDE( _fwalk = 0x4000046c );
PROVIDE( _fwalk_reent = 0x40000470 );
PROVIDE( __smakebuf_r = 0x40000474 );
PROVIDE( __swhatbuf_r = 0x40000478 );
PROVIDE( __swbuf_r = 0x4000047c );
__swbuf = 0x40000480;
PROVIDE( __swsetup_r = 0x40000484 );
/* Data (.data, .bss, .rodata) */
syscall_table_ptr = 0x3fcdffdc;
_global_impure_ptr = 0x3fcdffd8;
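Review bot: `__swbuf_r` and `__swbuf` still appear to resolve to ROM in the third hunk (`PROVIDE( __swbuf_r = 0x4000047c );`, `__swbuf = 0x40000480;`), and dropping the `__swsetup_r`/`__smakebuf_r`/`__swhatbuf_r` symbols does not redirect calls made inside ROM code itself. The +/- markers are lost on this page, so which lines stay is inferred from the 11→8 hunk count and the commit message. If the ROM build of `__swbuf_r` reaches `__swsetup_r` for a stream whose buffer is not yet set up, as upstream newlib's appears to, the ROM copy of `__swhatbuf_r` would still put the ROM-sized `struct stat` on the stack and the out-of-bounds memset described in the commit message stays reachable; consider dropping these two entries as well so the libc.a versions are linked. The same pair is kept in the second file's section (`__swbuf_r = 0x400005a8;`, `__swbuf = 0x400005ac;`). A short comment at the removal site, e.g. `/* _isatty_r, __smakebuf_r, __swhatbuf_r, __swsetup_r are not taken from ROM: they depend on sizeof(struct stat) */`, would keep the entries from being re-added later.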


@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -31,7 +31,6 @@ strncmp = 0x400004a4;
strlen = 0x400004a8;
strstr = 0x400004ac;
bzero = 0x400004b0;
_isatty_r = 0x400004b4;
sbrk = 0x400004b8;
isalnum = 0x400004bc;
isalpha = 0x400004c0;
@@ -90,11 +89,8 @@ fflush = 0x40000590;
_fflush_r = 0x40000594;
_fwalk = 0x40000598;
_fwalk_reent = 0x4000059c;
__smakebuf_r = 0x400005a0;
__swhatbuf_r = 0x400005a4;
__swbuf_r = 0x400005a8;
__swbuf = 0x400005ac;
__swsetup_r = 0x400005b0;
_strtod_l = 0x400005b4;
_strtod_r = 0x400005b8;
strtod_l = 0x400005bc;