Skip to content

[stable-v2.12] zephyr: fix overflow and overlap checks in memcpy_s #9771

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kv2019i merged 1 commit into from
Jan 9, 2025
Merged

[stable-v2.12] zephyr: fix overflow and overlap checks in memcpy_s #9771

kv2019i merged 1 commit into from
Jan 9, 2025

Conversation

@kv2019i
Copy link
Collaborator

@kv2019i kv2019i commented Jan 9, 2025

This patch addresses an issue in the memcpy_s function within the Zephyr RTOS string header. The issue was identified during IPC3 fuzz testing with UndefinedBehaviorSanitizer enabled.

Changes include:

  • Adding stdint.h for uintptr_t type.
  • Adding checks to prevent overflow in pointer arithmetic.
  • Adjusting overlap checks to avoid overflow.

These changes ensure that the memcpy_s function correctly handles edge cases, preventing undefined behavior due to pointer arithmetic overflow and memory overlap.

Fixes #9768

(cherry picked from commit 7d11802)

@tmleman @kv2019i
zephyr: fix overflow and overlap checks in memcpy_s
f5892f1 
This patch addresses an issue in the `memcpy_s` function within the
Zephyr RTOS string header. The issue was identified during IPC3 fuzz
testing with UndefinedBehaviorSanitizer enabled.

Changes include:
- Adding `stdint.h` for `uintptr_t` type.
- Adding checks to prevent overflow in pointer arithmetic.
- Adjusting overlap checks to avoid overflow.

These changes ensure that the `memcpy_s` function correctly handles edge
cases, preventing undefined behavior due to pointer arithmetic overflow
and memory overlap.

Fixes thesofproject#9768

Signed-off-by: Tomasz Leman <tomasz.m.leman@intel.com>
(cherry picked from commit 7d11802)
Signed-off-by: Kai Vehmanen <kai.vehmanen@linux.intel.com>
@kv2019i kv2019i requested a review from tmleman January 9, 2025 13:02
@kv2019i
Copy link
Collaborator Author

kv2019i commented Jan 9, 2025

FYI @lyakh @cgturner1 interesting in stable-v2.12 branch the github flows pass without space issues, so it must be some recent change in SOF main that has caused the space requirements to jump up.

@kv2019i kv2019i merged commit 2d9853e into thesofproject:stable-v2.12 Jan 9, 2025
44 of 47 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tmleman tmleman tmleman approved these changes

@lyakh lyakh Awaiting requested review from lyakh lyakh is a code owner

@iuliana-prodan iuliana-prodan Awaiting requested review from iuliana-prodan iuliana-prodan is a code owner

@dbaluta dbaluta Awaiting requested review from dbaluta dbaluta is a code owner

@abonislawski abonislawski Awaiting requested review from abonislawski abonislawski is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kv2019i @tmleman