Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-05-28 03:45:50 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

node/driver: make SIZEOF_NOTE_START return the right size

Browse Source 
The value returned by sizeof(struct note_start_s) is larger
than the actual memory footprint of struct note_start_s.

This causes the length calculated in sched_note_start to be larger
than the actual memory size,which further leads to out-of-bounds reads in note_common.

Signed-off-by: guohao15 <guohao15@xiaomi.com>
This commit is contained in:
guohao15
2025-07-04 17:43:27 +08:00
committed by Matteo Golin
parent 172dd3959a
commit 029a5f5383
2 changed files with 2 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
drivers/note/note_driver.c
+2 -2
View File
@@ -117,9 +117,9 @@ struct note_startalloc_s
}; };
#if CONFIG_TASK_NAME_SIZE > 0 #if CONFIG_TASK_NAME_SIZE > 0
# define SIZEOF_NOTE_START(n) (sizeof(struct note_start_s) + (n) - 1) # define SIZEOF_NOTE_START(n) (sizeof(struct note_common_s) + (n))
#else #else
# define SIZEOF_NOTE_START(n) (sizeof(struct note_start_s)) # define SIZEOF_NOTE_START(n) (sizeof(struct note_common_s))
#endif #endif
#if CONFIG_DRIVERS_NOTE_TASKNAME_BUFSIZE > 0 #if CONFIG_DRIVERS_NOTE_TASKNAME_BUFSIZE > 0
include/nuttx/sched_note.h
-10
View File
@@ -324,16 +324,6 @@ struct note_common_s
clock_t nc_systime; /* Time when note was buffered */ clock_t nc_systime; /* Time when note was buffered */
}; };
/* This is the specific form of the NOTE_START note */
struct note_start_s
{
struct note_common_s nst_cmn; /* Common note parameters */
#if CONFIG_TASK_NAME_SIZE > 0
char nst_name[1]; /* Start of the name of the thread/task */
#endif
};
/* This is the specific form of the NOTE_STOP note */ /* This is the specific form of the NOTE_STOP note */
struct note_stop_s struct note_stop_s