Fix #2536, msg api test buffer overrun #2537
Conversation
jphickey
added
the
CCB:Ready
jphickey
force-pushed
the
fix-2536-msgapi-buffer
branch
from
2c55e70
to
e83aa11
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| UtAssert_INT32_EQ(CFE_MSG_SetType(CFE_MSG_PTR(cmd2), CFE_MSG_Type_Cmd), CFE_SUCCESS); | ||
| /* test generate-checksum on commands */ | ||
| CFE_Assert_STATUS_STORE(CFE_MSG_ValidateChecksum(CFE_MSG_PTR(cmd), &isValid)); | ||
| if (CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
| UtAssert_INT32_EQ(CFE_MSG_ValidateChecksum(CFE_MSG_PTR(cmd), &isValid), CFE_SUCCESS); | ||
| UtAssert_BOOL_TRUE(isValid); | ||
| } | ||
| else if (CFE_Assert_STATUS_MAY_BE(CFE_MSG_WRONG_MSG_TYPE)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
|
|
||
| /* test generate-checksum on telemetry */ | ||
| CFE_Assert_STATUS_STORE(CFE_MSG_ValidateChecksum(CFE_MSG_PTR(tlm), &isValid)); | ||
| if (CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
| if (!CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) | ||
| /* Check if GetMsgTime is implemented on commands */ | ||
| CFE_Assert_STATUS_STORE(CFE_MSG_GetMsgTime(CFE_MSG_PTR(cmd), &msgTime)); | ||
| if (CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
| if (!CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) | ||
| /* Check if GetMsgTime is implemented on telemetry */ | ||
| CFE_Assert_STATUS_STORE(CFE_MSG_GetMsgTime(CFE_MSG_PTR(tlm), &msgTime)); | ||
| if (CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
For secondary header checks, different functions may (or may not) be implemented on commands vs telemetry. The functional test must not assume one or the other is implemented. It should dynamically check both checksum and timestamp based on the return value of the API call.
jphickey
force-pushed
the
fix-2536-msgapi-buffer
branch
from
e83aa11
to
24a2b21
Compare
| UtAssert_INT32_EQ(CFE_MSG_ValidateChecksum(CFE_MSG_PTR(tlm), &isValid), CFE_SUCCESS); | ||
| UtAssert_BOOL_TRUE(isValid); | ||
| } | ||
| else if (CFE_Assert_STATUS_MAY_BE(CFE_MSG_WRONG_MSG_TYPE)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
|
|
||
| CFE_Assert_STATUS_STORE(CFE_MSG_SetMsgTime(CFE_MSG_PTR(cmd2), currentTime)); | ||
| if (!CFE_Assert_STATUS_MAY_BE(CFE_SUCCESS)) | ||
| else if (CFE_Assert_STATUS_MAY_BE(CFE_MSG_WRONG_MSG_TYPE)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
| UtAssert_INT32_EQ(CFE_MSG_GetMsgTime(CFE_MSG_PTR(tlm), &msgTime), CFE_SUCCESS); | ||
| UtAssert_UINT32_EQ(CFE_TIME_Compare(msgTime, currentTime), CFE_TIME_EQUAL); | ||
| } | ||
| else if (CFE_Assert_STATUS_MAY_BE(CFE_MSG_WRONG_MSG_TYPE)) |
Check warning
Code scanning / CodeQL
Side effect in a Boolean expression Warning test
|
Should be ready now. This now has two separate buffers (cmd and tlm) and allows either operation (checksum, timestamp) to independently work or not work on either buffer. |
dzbaker
added
CCB:Approved
Fix #2536, msg api test buffer overrun
*Combines:* cFE equuleus-rc1+dev141 osal equuleus-rc1+dev66 PSP equuleus-rc1+dev42 **Includes:** *cFS* - #751 - #762 *cFE* - nasa/cFE#2537 - nasa/cFE#2381 - nasa/cFE#2551 *osal* - nasa/osal#1460 *PSP* - nasa/PSP#430 Co-authored by: Justin Figueroa <[email protected]> Co-authored by: Joseph Hickey <[email protected]>
*Combines:* cFE equuleus-rc1+dev137 osal equuleus-rc1+dev66 PSP equuleus-rc1+dev42 to_lab equuleus-rc1+dev56 **Includes:** *cFS* - #751 - #762 *cFE* - nasa/cFE#2537 - nasa/cFE#2525 *osal* - nasa/osal#1460 *PSP* - nasa/PSP#430 *to_lab* - nasa/to_lab#198 Co-authored by: Justin Figueroa <[email protected]> Co-authored by: Joseph Hickey <[email protected]> Co-authored by: Cody Martin <[email protected]>
*Combines:* cFE equuleus-rc1+dev137 osal equuleus-rc1+dev66 PSP equuleus-rc1+dev42 to_lab equuleus-rc1+dev56 **Includes:** *cFS* - #751 - #762 *cFE* - nasa/cFE#2537 - nasa/cFE#2525 *osal* - nasa/osal#1460 *PSP* - nasa/PSP#430 *to_lab* - nasa/to_lab#198 Co-authored by: Justin Figueroa <[email protected]> Co-authored by: Joseph Hickey <[email protected]> Co-authored by: Cody Martin <[email protected]> Co-authored by: Dan Knutsen <[email protected]>
Checklist (Please check before submitting)
Describe the contribution
Corrects the buffer type used in the msg api tests, to be sized appropriately for either command or telemetry. When the secondary header accessor from the other type is used, it will not overrun the buffer.
Fixes #2536
Testing performed
Run functional tests
Expected behavior changes
No buffer overrun reports when using
-fsanitize=addressSystem(s) tested on
Debian
Contributor Info - All information REQUIRED for consideration of pull request
Joseph Hickey, Vantage Systems, Inc.