You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@mynewt.apache.org by "William San Filippo (JIRA)" <ji...@apache.org> on 2016/03/02 06:48:18 UTC

[jira] [Created] (MYNEWT-189) os mbuf api parameter bound checking improvements

William San Filippo created MYNEWT-189:
------------------------------------------

             Summary: os mbuf api parameter bound checking improvements
                 Key: MYNEWT-189
                 URL: https://issues.apache.org/jira/browse/MYNEWT-189
             Project: Mynewt
          Issue Type: Improvement
    Affects Versions: v0_8_0_beta1
            Reporter: William San Filippo
            Priority: Minor
             Fix For: v0_8_0_beta2


There are a number of os mbuf API exposed to the developer that will cause harmful behavior if the developer calls these API with out of range parameters. For instance, os_mbuf_get_pkthdr(struct os_mbuf *om, uint8_t user_pkthdr_len). If the user calls this with too large a user packet header length, the data pointer in the mbuf will point outside the mbuf (most likely into a different mbuf!).

First, we need to agree that the code should prevent the above from occurring, and then we need to review the code to determine which api should be modified.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)