[
https://issues.apache.org/jira/browse/MYNEWT-189?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
William San Filippo resolved MYNEWT-189.
----------------------------------------
Resolution: Fixed
Added parameter bounds checking for mbuf api and added test case for it.
> os mbuf api parameter bound checking improvements
> -------------------------------------------------
>
> Key: MYNEWT-189
> URL: https://issues.apache.org/jira/browse/MYNEWT-189
> Project: Mynewt
> Issue Type: Improvement
> Affects Versions: v0_8_0_beta1
> Reporter: William San Filippo
> Assignee: William San Filippo
> Priority: Minor
> Fix For: v0_8_0_beta2
>
>
> There are a number of os mbuf API exposed to the developer that will cause
> harmful behavior if the developer calls these API with out of range
> parameters. For instance, os_mbuf_get_pkthdr(struct os_mbuf *om, uint8_t
> user_pkthdr_len). If the user calls this with too large a user packet header
> length, the data pointer in the mbuf will point outside the mbuf (most likely
> into a different mbuf!).
> First, we need to agree that the code should prevent the above from
> occurring, and then we need to review the code to determine which api should
> be modified.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
