From 658a0acdbef252928054f6f7feb6bb01462864ae Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Tue, 4 May 2021 16:37:58 +1000 Subject: [PATCH 1/3] freertos: Check for arithmetic overflows on queue creation Addition overflow check is from FreeRTOS kernel commit 47338393f1f79558f6144213409f09f81d7c4837 --- components/freertos/queue.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/components/freertos/queue.c b/components/freertos/queue.c index c00a940cc2..81df2db898 100644 --- a/components/freertos/queue.c +++ b/components/freertos/queue.c @@ -395,6 +395,12 @@ Queue_t * const pxQueue = xQueue; xQueueSizeInBytes = ( size_t ) ( uxQueueLength * uxItemSize ); /*lint !e961 MISRA exception as the casts are only redundant for some ports. */ } + /* Check for multiplication overflow. */ + configASSERT( ( uxItemSize == 0 ) || ( uxQueueLength == ( xQueueSizeInBytes / uxItemSize ) ) ); + + /* Check for addition overflow. */ + configASSERT( ( sizeof( Queue_t ) + xQueueSizeInBytes ) > xQueueSizeInBytes ); + /* Allocate the queue and storage area. Justification for MISRA deviation as follows: pvPortMalloc() always ensures returned memory blocks are aligned per the requirements of the MCU stack. In this case From d30ec8c94e94625fd39518162df162c9cac95673 Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Tue, 4 May 2021 16:43:54 +1000 Subject: [PATCH 2/3] freertos: Add addition overflow check for stream buffer Patch from upstream commit d05b9c123f2bf9090bce386a244fc934ae44db5b --- components/freertos/stream_buffer.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/components/freertos/stream_buffer.c b/components/freertos/stream_buffer.c index 5505de36fc..d5a21b0876 100644 --- a/components/freertos/stream_buffer.c +++ b/components/freertos/stream_buffer.c @@ -256,8 +256,15 @@ static void prvInitialiseNewStreamBuffer( StreamBuffer_t * const pxStreamBuffer, this is a quirk of the implementation that means otherwise the free space would be reported as one byte smaller than would be logically expected. */ - xBufferSizeBytes++; - pucAllocatedMemory = ( uint8_t * ) pvPortMalloc( xBufferSizeBytes + sizeof( StreamBuffer_t ) ); /*lint !e9079 malloc() only returns void*. */ + if( xBufferSizeBytes < ( xBufferSizeBytes + 1 + sizeof( StreamBuffer_t ) ) ) + { + xBufferSizeBytes++; + pucAllocatedMemory = ( uint8_t * ) pvPortMalloc( xBufferSizeBytes + sizeof( StreamBuffer_t ) ); /*lint !e9079 malloc() only returns void*. */ + } + else + { + pucAllocatedMemory = NULL; + } if( pucAllocatedMemory != NULL ) { From 6c9005e11b93471c5a44273b97b071487ebbe0e4 Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Thu, 8 Apr 2021 13:30:04 +1000 Subject: [PATCH 3/3] ut: Exclude test_utils component from default_2_c3 config Theory is that the large alignments in this test component are triggering linker bug (to be fixed in next toolchain update). This component is already tested in a dedicated config, so it doesn't need to be included in this config. --- tools/unit-test-app/configs/default_2_c3 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/unit-test-app/configs/default_2_c3 b/tools/unit-test-app/configs/default_2_c3 index fbd8f6d97b..0b87f01d41 100644 --- a/tools/unit-test-app/configs/default_2_c3 +++ b/tools/unit-test-app/configs/default_2_c3 @@ -1,3 +1,3 @@ # This config is split between targets since different component needs to be excluded (esp32, esp32s2) CONFIG_IDF_TARGET="esp32c3" -TEST_EXCLUDE_COMPONENTS=libsodium bt app_update freertos esp32c3 esp_ipc esp_pm esp_system esp_timer driver heap pthread soc spi_flash vfs experimental_cpp_component ulp perfmon esp-tls +TEST_EXCLUDE_COMPONENTS=libsodium bt app_update freertos esp32c3 esp_ipc esp_pm esp_system esp_timer driver heap pthread soc spi_flash vfs experimental_cpp_component ulp perfmon esp-tls test_utils