patrick/zephyr
1
0
Fork 0
Code Issues Pull requests Actions 8 Packages Projects Releases Wiki Activity

ARC: fault: Fix uninitialized memory access

Browse source 
Found via static analysis. In fault path when checking for stack
overflows, if CONFIG_MULTITHREADING is not set, `guard_end` is left
uninitialized and is subsequently used in a comparison.

The solution is to simply return `false` in this configuration as stack
guards are not configured in the first place.

Signed-off-by: François Baldassari <francois@memfault.com>
This commit is contained in:
François Baldassari 2024-04-26 13:15:15 -04:00 committed by Fabio Baltieri
parent 6837ca808b
commit 3f78ca9873
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
arch/arc/core/fault.c
View file

@ -53,9 +53,8 @@ static const struct z_exc_handle exceptions[] = {
*/
static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
{
uint32_t guard_end, guard_start;
#if defined(CONFIG_MULTITHREADING)
uint32_t guard_end, guard_start;
const struct k_thread *thread = _current;
if (!thread) {
@ -90,7 +89,6 @@ static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
guard_end = thread->stack_info.start;
guard_start = guard_end - Z_ARC_STACK_GUARD_SIZE;
}
#endif /* CONFIG_MULTITHREADING */
/* treat any MPU exceptions within the guard region as a stack
* overflow.As some instrustions
@ -101,6 +99,7 @@ static bool z_check_thread_stack_fail(const uint32_t fault_addr, uint32_t sp)
if (fault_addr < guard_end && fault_addr >= guard_start) {
return true;
}
#endif /* CONFIG_MULTITHREADING */
return false;
}