Heap protect #747

Merged
merged 12 commits into from
Aug 23, 2023


@oliverlavery oliverlavery commented Aug 11, 2023

Implement configENABLE_HEAP_PROTECTOR.

Description

  • Setting configENABLE_HEAP_PROTECTOR to 1 obfuscates heap block pointers by XORing them with an application-supplied canary value. This obfuscation helps to catch heap corruption should a heap buffer overflow occur.
  • This PR also adds heap bounds checking to heap_4 and heap_5.
  • This PR also adds some additional integer underflow checks.

Test Steps

Test harnesses to verify the effect of the change in the POSIX simulator are available here:

With configENABLE_HEAP_PROTECTOR set to 1, overwriting a free list block leads to an assert on an out-of-bounds heap pointer. I have also manually verified allocation, free, and corruption in GDB.

The POSIX simulator full demo works correctly with both heap_4.c and heap_5.c regardless of the configENABLE_HEAP_PROTECTOR setting.

Checklist:

  • I have tested my changes. No regression in existing tests.
  • I have modified and/or added unit-tests to cover the code changes in this Pull Request.

Related Issue

N/A

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
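
The pointer obfuscation and bounds check described in the PR description above, as an added example that is not code from this PR or from FreeRTOS: a toy free list whose links are stored XORed with a canary and validated each time they are decoded. All identifiers (`protect`, `decode_link`, `walk_free_list`, `demo`), the 16-unit heap layout and the fixed canary value are assumptions made for the illustration.

```c
#include <stdint.h>
#include <string.h>

/* All names are hypothetical; this models the idea, not the kernel's heap code. */
typedef struct block {
    uintptr_t next_protected; /* next free block, stored XORed with the canary */
    size_t size;
} block_t;
static block_t heap[16];      /* toy heap, managed in block_t-sized units */
static uintptr_t canary;      /* application-supplied secret */

static uintptr_t protect(const block_t *p) { return (uintptr_t)p ^ canary; }

/* Undo the XOR, then bounds-check: 0 on success, -1 if the link is outside the heap. */
static int decode_link(uintptr_t stored, block_t **out)
{
    uintptr_t raw = stored ^ canary;
    if (raw != 0 && (raw < (uintptr_t)&heap[0] || raw > (uintptr_t)&heap[15]))
        return -1;
    *out = (block_t *)raw;    /* 0 decodes to NULL, the end of the list */
    return 0;
}

/* Returns the number of free blocks, or -1 when a link fails validation. */
static int walk_free_list(uintptr_t head)
{
    block_t *b;
    int n = 0;
    if (decode_link(head, &b) != 0) return -1;
    while (b != NULL && n < 16) {          /* n < 16 also guards against cycles */
        n++;
        if (decode_link(b->next_protected, &b) != 0) return -1;
    }
    return n;
}

/* Constructed layout: free heap[0], allocated heap[4], free heap[8].
 * mode 0: intact; 1: overflow out of heap[4]'s payload; 2: raw in-heap pointer written. */
int demo(int mode)
{
    canary = (uintptr_t)0xA5A5A5A5A5A5A5A5ull; /* fixed sample; random in practice */
    memset(heap, 0, sizeof heap);
    heap[0].next_protected = protect(&heap[8]);
    heap[8].next_protected = protect(NULL);
    if (mode == 1) memset(&heap[5], 0x41, 4 * sizeof(block_t)); /* payload + next header */
    if (mode == 2) heap[8].next_protected = (uintptr_t)&heap[12]; /* lacks the canary */
    return walk_free_list(protect(&heap[0]));
}

int main(void) { return (demo(0) == 2 && demo(1) == -1 && demo(2) == -1) ? 0 : 1; }
```

In mode 2 the overwritten link is a valid in-heap address, yet it still fails validation because a writer who does not know the canary cannot produce a value that decodes back into the heap range.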

@oliverlavery oliverlavery requested a review from a team as a code owner August 11, 2023 13:05

ydhuang28 commented Aug 14, 2023

@oliverlavery Thank you for the PR. The PR is perhaps missing some changes to FreeRTOSConfig.h since the new config macro you proposed is not defined currently and I don't see a change to FreeRTOSConfig.h.

FreeRTOSConfig.h is located in FreeRTOS/FreeRTOS. Could you make a similar PR there to add this macro and link it here? Thanks!


codecov bot commented Aug 14, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (b9f488a) 94.35% compared to head (f73609f) 94.35%.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #747   +/-   ##
=======================================
  Coverage   94.35%   94.35%           
=======================================
  Files           6        6           
  Lines        2446     2446           
  Branches      598      598           
=======================================
  Hits         2308     2308           
  Misses         85       85           
  Partials       53       53           
Flag Coverage Δ
unittests 94.35% <ø> (ø)


oliverlavery (Contributor, Author) commented

@ydhuang28 Sure thing. I force-pushed another commit to this PR to add configENABLE_HEAP_PROTECTOR to FreeRTOS.h.

aggarg and others added 4 commits August 21, 2023 12:19
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
@aggarg aggarg merged commit 0d9649c into FreeRTOS:main Aug 23, 2023
13 checks passed
laroche pushed a commit to laroche/FreeRTOS-Kernel that referenced this pull request Apr 18, 2024
* To assist debugging, update a subset of demos to store the line number on which an error is detected rather than just storing a boolean as to whether an error was detected or not.

* Correct return value of xAreInterruptSemaphoreTasksStillRunning() made incorrect by the prior commit.

* Uncrustify: triggered by comment.


---------

Co-authored-by: none <>
Co-authored-by: Rahul Kar <118818625+kar-rahul-aws@users.noreply.github.com>
Co-authored-by: Rahul Kar <karahulx@amazon.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>