fix(freertos): Limit idle task name length copy operation and ensure null-termination of the idle task name string (#1203)

* fix(freertos): Limit idle task name copy operation and ensure null termination

This commit:
- Limits the idle task name length copy operation to prevent
  Out-of-bounds memory access warnings from static code analyzers.
- Fixes a bug wherein the idle task name could be a non-null-terminated
  string in SMP configurations.

Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
pull/1214/head
Sudeep Mohanty 1 month ago committed by GitHub
parent cc31510088
commit f31787d35d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -3524,27 +3524,28 @@ static BaseType_t prvCreateIdleTasks( void )
{ {
BaseType_t xReturn = pdPASS; BaseType_t xReturn = pdPASS;
BaseType_t xCoreID; BaseType_t xCoreID;
char cIdleName[ configMAX_TASK_NAME_LEN ]; char cIdleName[ configMAX_TASK_NAME_LEN ] = { 0 };
TaskFunction_t pxIdleTaskFunction = NULL; TaskFunction_t pxIdleTaskFunction = NULL;
BaseType_t xIdleTaskNameIndex; BaseType_t xIdleTaskNameIndex;
BaseType_t xIdleNameLen;
BaseType_t xCopyLen;
for( xIdleTaskNameIndex = ( BaseType_t ) 0; xIdleTaskNameIndex < ( BaseType_t ) configMAX_TASK_NAME_LEN; xIdleTaskNameIndex++ ) configASSERT( ( configIDLE_TASK_NAME != NULL ) && ( configMAX_TASK_NAME_LEN > 3 ) );
/* The length of the idle task name is limited to the minimum of the length
* of configIDLE_TASK_NAME and configMAX_TASK_NAME_LEN - 2, keeping space
* for the core ID suffix and the null-terminator. */
xIdleNameLen = strlen( configIDLE_TASK_NAME );
xCopyLen = xIdleNameLen < ( configMAX_TASK_NAME_LEN - 2 ) ? xIdleNameLen : ( configMAX_TASK_NAME_LEN - 2 );
for( xIdleTaskNameIndex = ( BaseType_t ) 0; xIdleTaskNameIndex < xCopyLen; xIdleTaskNameIndex++ )
{ {
cIdleName[ xIdleTaskNameIndex ] = configIDLE_TASK_NAME[ xIdleTaskNameIndex ]; cIdleName[ xIdleTaskNameIndex ] = configIDLE_TASK_NAME[ xIdleTaskNameIndex ];
/* Don't copy all configMAX_TASK_NAME_LEN if the string is shorter than
* configMAX_TASK_NAME_LEN characters just in case the memory after the
* string is not accessible (extremely unlikely). */
if( cIdleName[ xIdleTaskNameIndex ] == ( char ) 0x00 )
{
break;
}
else
{
mtCOVERAGE_TEST_MARKER();
}
} }
/* Ensure null termination. */
cIdleName[ xIdleTaskNameIndex ] = '\0';
/* Add each idle task at the lowest priority. */ /* Add each idle task at the lowest priority. */
for( xCoreID = ( BaseType_t ) 0; xCoreID < ( BaseType_t ) configNUMBER_OF_CORES; xCoreID++ ) for( xCoreID = ( BaseType_t ) 0; xCoreID < ( BaseType_t ) configNUMBER_OF_CORES; xCoreID++ )
{ {
@ -3573,25 +3574,9 @@ static BaseType_t prvCreateIdleTasks( void )
* only one idle task. */ * only one idle task. */
#if ( configNUMBER_OF_CORES > 1 ) #if ( configNUMBER_OF_CORES > 1 )
{ {
/* Append the idle task number to the end of the name if there is space. */ /* Append the idle task number to the end of the name. */
if( xIdleTaskNameIndex < ( BaseType_t ) configMAX_TASK_NAME_LEN ) cIdleName[ xIdleTaskNameIndex ] = ( char ) ( xCoreID + '0' );
{ cIdleName[ xIdleTaskNameIndex + 1 ] = '\0';
cIdleName[ xIdleTaskNameIndex ] = ( char ) ( xCoreID + '0' );
/* And append a null character if there is space. */
if( ( xIdleTaskNameIndex + 1 ) < ( BaseType_t ) configMAX_TASK_NAME_LEN )
{
cIdleName[ xIdleTaskNameIndex + 1 ] = '\0';
}
else
{
mtCOVERAGE_TEST_MARKER();
}
}
else
{
mtCOVERAGE_TEST_MARKER();
}
} }
#endif /* if ( configNUMBER_OF_CORES > 1 ) */ #endif /* if ( configNUMBER_OF_CORES > 1 ) */
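Review bot: The two now-unconditional writes in the `configNUMBER_OF_CORES > 1` block, `cIdleName[ xIdleTaskNameIndex ]` and `cIdleName[ xIdleTaskNameIndex + 1 ]`, stay in bounds only because of the `configMAX_TASK_NAME_LEN > 3` condition, and that condition is enforced solely by `configASSERT`, which a project can define to nothing. With the old `if( ... < configMAX_TASK_NAME_LEN )` guards removed, a build with asserts disabled and a name length of 1 would place the terminator at index 1, one past the end of the array. Both operands are compile-time constants, so the check could fail the build instead, assuming the config value is a plain integer the preprocessor can evaluate: `#if ( configMAX_TASK_NAME_LEN <= 3 )`, `#error configMAX_TASK_NAME_LEN must be greater than 3`, `#endif`. Separately, `strlen()` returns `size_t` and is assigned to a `BaseType_t` without a cast; `xIdleNameLen = ( BaseType_t ) strlen( configIDLE_TASK_NAME );` would make the narrowing explicit, like the other casts in this function. prvCreateIdleTasks continues beyond the visible hunks.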
