sched/tls: fix uninitialized argv pointer in task info

The TCB initializes the pid early, but the argvstack is not initialized
at that time. This may cause invalid addresses to be obtained when
nxsched_get_stackargs is called during task enumeration.
Initialize the argv pointer to NULL to enable safe validity checks.

Signed-off-by: hujun5 <hujun5@xiaomi.com>
hujun5
2025-04-18 14:27:23 +08:00
committed by Alan C. Assis
parent 4e40393cc4
commit 92bbe4f6ac
6 changed files with 25 additions and 6 deletions
+2 -1
@@ -199,7 +199,7 @@ struct tls_cleanup_s
struct tls_info_s
{
FAR struct task_info_s * tl_task;
FAR struct task_info_s *tl_task;
#if defined(CONFIG_TLS_NELEM) && CONFIG_TLS_NELEM > 0
uintptr_t tl_elem[CONFIG_TLS_NELEM]; /* TLS elements */
@@ -224,6 +224,7 @@ struct tls_info_s
uint16_t tl_size; /* Actual size with alignments */
int tl_errno; /* Per-thread error number */
pid_t tl_tid; /* Thread ID */
FAR char **tl_argv; /* Arguments first string */
};
/****************************************************************************
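Review bot: The comment on the new field, `/* Arguments first string */`, does not match its type or how the rest of the commit uses it. `tl_argv` is a `char **` that nxtask_setup_stackargs sets to the `stackargv` array, and tls_init_info and tls_dup_info leave it NULL until then. A comment such as `FAR char **tl_argv; /* argv array on the stack, NULL until set up */` would tell readers of the struct that a NULL check is required before use.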
+1 -2
@@ -75,6 +75,5 @@ FAR char **nxsched_get_stackargs(FAR struct tcb_s *tcb)
{
/* The args data follows the TLS data */
return (FAR char**)((FAR char *)tcb->stack_alloc_ptr +
nxsched_get_tls(tcb)->tl_size);
return nxsched_get_tls(tcb)->tl_argv;
}
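Review bot: nxsched_get_stackargs now returns whatever value is stored in `tl_argv`, with no check that it points into the task's own stack. The removed code at least took its base from `tcb->stack_alloc_ptr`; the new value comes entirely from the TLS block, and the removed arithmetic suggests that block sits at the start of the stack allocation. If the task can write that memory in protected or kernel builds, kernel-side readers such as nxtask_argvstr would follow a pointer the task controls, so a range check against the stack allocation before returning it (NULL otherwise) seems worth adding. The retained comment `/* The args data follows the TLS data */` also no longer describes the body and should say that the result may be NULL; callers outside this page are not visible and would need the same check.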
+6 -3
@@ -89,11 +89,14 @@ size_t nxtask_argvstr(FAR struct tcb_s *tcb, FAR char *args, size_t size)
else
#endif
{
FAR char **argv = nxsched_get_stackargs(tcb) + 1;
FAR char **argv = nxsched_get_stackargs(tcb);
while (*argv != NULL && n < size)
if (argv++)
{
n += snprintf(args + n, size - n, " %s", *argv++);
while (*argv != NULL && n < size)
{
n += snprintf(args + n, size - n, " %s", *argv++);
}
}
}
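Review bot: `if (argv++)` folds the NULL test and the skip past argv[0] into one expression, so the pointer is incremented even when it is NULL. Arithmetic on a null pointer is undefined in C, although the result is not used on that path, and the side effect inside the condition is easy to misread as a plain validity check. Writing the guard as `if (argv != NULL)` with `argv++;` as the first statement of its body keeps the behaviour and makes both steps explicit. The enclosing nxtask_argvstr starts and ends outside this hunk.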
+3
@@ -630,6 +630,9 @@ int nxtask_setup_stackargs(FAR struct tcb_s *tcb,
stackargv[argc + 1] = NULL;
/* Initialize argv last to avoid accessing the partial initialized fields */
nxsched_get_tls(tcb)->tl_argv = stackargv;
return OK;
}
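Review bot: The comment above `nxsched_get_tls(tcb)->tl_argv = stackargv;` promises an ordering that a plain assignment does not provide on its own. The compiler, or another CPU on an SMP build, may make `tl_argv` visible before the `stackargv[...]` writes above it, so a reader could still see a partially filled array. If task enumeration can run concurrently with nxtask_setup_stackargs, as the commit message implies, the store needs a write barrier or release semantics paired with an acquire on the read in nxsched_get_stackargs. Otherwise the comment should name the lock or critical section that makes the plain store sufficient. Only the tail of the function is visible in this hunk.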
+7
@@ -70,5 +70,12 @@ int tls_dup_info(FAR struct tcb_s *dst, FAR struct tcb_s *src)
/* Attach per-task info in group to TLS */
info->tl_task = dst->group->tg_info;
/* Initialize the starting address of argv to NULL to prevent
* it from being misused.
*/
info->tl_argv = NULL;
return OK;
}
+6
@@ -78,5 +78,11 @@ int tls_init_info(FAR struct tcb_s *tcb)
info->tl_tid = tcb->pid;
/* Initialize the starting address of argv to NULL to prevent
* it from being misused.
*/
info->tl_argv = NULL;
return OK;
}