mirror of
https://github.com/apache/nuttx.git
synced 2026-03-27 10:39:28 +08:00
The elf_emit_tcb_stack() function in coredump.c was calculating the stack buffer length and emitting the stack data without validating whether the calculated buffer range (buf + len) exceeds the actual bounds of the TCB's stack memory region (stack_base_ptr + adj_stack_size).

This could lead to out-of-bounds memory access when the calculated stack length is larger than the available stack space, potentially causing memory corruption, crashes, or incorrect core dump generation.

This fix adds a bounds check:

1. Compares the end of the intended stack buffer (buf + len) against the upper limit of the TCB's stack (stack_base_ptr + adj_stack_size).
2. If the buffer would exceed the stack bounds, truncates the length to fit within the valid stack memory range.

The change ensures safe memory access during core dump generation, preventing out-of-bounds reads and improving the robustness of the coredump feature.

Signed-off-by: chao an <anchao.archer@bytedance.com>
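The clamping logic the commit describes, as an added, self-contained C example that is not NuttX's coredump.c and does not use its real struct tcb_s. The stack_region struct, the clamp_stack_len() and emit_tcb_stack() functions, and the 64-byte constructed stack are all assumptions made for illustration. The example goes slightly beyond the commit text in two ways a reviewer of such a check would want: it computes the remaining room as (stack_end - buf) instead of comparing buf + len, so an oversized len cannot wrap the pointer past the end, and it returns 0 when buf itself starts outside the region rather than only truncating an overrun.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical model of a TCB's stack region (not NuttX's struct tcb_s).
 * stack_base_ptr is the lowest address, adj_stack_size the usable byte
 * count, so the valid range is [stack_base_ptr, stack_base_ptr + size). */
struct stack_region
{
  const uint8_t *stack_base_ptr;
  size_t adj_stack_size;
};

/* Clamp a requested window [buf, buf + len) to the stack's bounds and
 * return the number of bytes that may safely be read.  Computing the
 * available room by subtraction avoids forming the out-of-range pointer
 * buf + len, which for a huge len could wrap around and pass a naive
 * "buf + len <= stack_end" comparison. */
size_t clamp_stack_len(const struct stack_region *stk,
                       const uint8_t *buf, size_t len)
{
  const uint8_t *stack_end = stk->stack_base_ptr + stk->adj_stack_size;

  /* A window that does not even start inside the stack yields nothing. */
  if (buf < stk->stack_base_ptr || buf >= stack_end)
    {
      return 0;
    }

  size_t avail = (size_t)(stack_end - buf);
  return len > avail ? avail : len;
}

/* Simulated emitter: copies only the clamped window into the core dump
 * output buffer and returns the number of bytes actually written. */
size_t emit_tcb_stack(const struct stack_region *stk,
                      const uint8_t *buf, size_t len,
                      uint8_t *out, size_t outcap)
{
  size_t n = clamp_stack_len(stk, buf, len);
  if (n > outcap)
    {
      n = outcap;
    }

  memcpy(out, buf, n);
  return n;
}

/* Constructed 64-byte stack used by the demos below (not real task memory). */
static uint8_t g_stack[64];
static const struct stack_region g_region = { g_stack, sizeof g_stack };

/* Window fully inside the stack: length is kept as requested. */
size_t demo_in_bounds(void)
{
  return clamp_stack_len(&g_region, g_stack + 16, 16);  /* -> 16 */
}

/* Window that would overrun the top of the stack: truncated to what is left. */
size_t demo_overrun(void)
{
  return clamp_stack_len(&g_region, g_stack + 48, 32);  /* -> 16 */
}

/* Window starting past the end of the stack: nothing is emitted. */
size_t demo_outside(void)
{
  return clamp_stack_len(&g_region, g_stack + 64, 8);   /* -> 0 */
}

/* A length large enough to wrap buf + len on a 64-bit build still clamps. */
size_t demo_huge_len(void)
{
  return clamp_stack_len(&g_region, g_stack + 60, SIZE_MAX);  /* -> 4 */
}

int main(void)
{
  uint8_t out[64];
  size_t n = emit_tcb_stack(&g_region, g_stack + 48, 32, out, sizeof out);
  printf("in_bounds=%zu overrun=%zu outside=%zu huge=%zu emitted=%zu\n",
         demo_in_bounds(), demo_overrun(), demo_outside(),
         demo_huge_len(), n);
  return 0;
}
```

The emitter writes only the bytes the clamp permits, so a core dump taken from a task whose stack pointer sits near the top of its stack simply produces a shorter stack section instead of reading past adj_stack_size into adjacent memory.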