Merge branch 'main' into dev-routing-stats

.github/.cSpellWords.txt

@@ -454,6 +454,7 @@ FPSP
 FRAMERX
 FRMFILTER
 frms
+fsanitize
 FSDMA
 FTSR
 FUDUP

.github/workflows/ci.yml

@@ -38,27 +38,56 @@ jobs:
           echo "::endgroup::"
           echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}"
 
+      # Separate builds for sanitizers and coverage:
+      # These can currently not be combined without branch coverage dilution.
       - env:
-          stepName: Build Unit Tests
+          stepName: Build Unit Tests (aubsan build)
         name: ${{ env.stepName }}
         run: |
           # ${{ env.stepName }}
           echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
 
-          cmake -S test/unit-test -B test/unit-test/build/ -G Ninja
-          cmake --build test/unit-test/build/ --target all
+          cmake --fresh -G Ninja -S test/unit-test -B test/unit-test/build/ -DSANITIZE=address,undefined
+          ninja -C test/unit-test/build/
 
           echo "::endgroup::"
           echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}"
 
       - env:
-          stepName: Run Unit Tests
+          stepName: Run Unit Tests (aubsan build)
         name: ${{ env.stepName }}
         shell: bash
         run: |
           # ${{ env.stepName }}
           echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
 
+          env ASAN_OPTIONS=detect_odr_violation=0 ctest --test-dir test/unit-test/build/ -E system --output-on-failure
+
+          echo "::endgroup::"
+          echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}"
+
+      - env:
+          stepName: Build Unit Tests (coverage build)
+        name: ${{ env.stepName }}
+        run: |
+          # ${{ env.stepName }}
+          echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
+
+          cmake --fresh -G Ninja -S test/unit-test -B test/unit-test/build/ -DSANITIZE=
+          ninja -C test/unit-test/build/
+
+          echo "::endgroup::"
+          echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}"
+
+      - env:
+          stepName: Run Unit Tests (coverage build)
+        name: ${{ env.stepName }}
+        shell: bash
+        run: |
+          # ${{ env.stepName }}
+          echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
+
+          find test/unit-test/build/ -name '*.gcda' -delete
           ctest --test-dir test/unit-test/build/ -E system --output-on-failure
 
           echo "::endgroup::"
@@ -377,7 +406,7 @@ jobs:
       - name: Set up CBMC runner
         uses: FreeRTOS/CI-CD-Github-Actions/set_up_cbmc_runner@main
         with:
-          cbmc_version: "5.61.0"
+          cbmc_version: "5.95.1"
 
       - env:
           stepName: Install Dependencies

.github/workflows/release.yml

@@ -55,7 +55,7 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          ref: ${{ github.event.inputs.commit_id }}
+          ref: ${{ github.event.inputs.version_number }}
           path: FreeRTOS-Plus-TCP
           submodules: recursive
       - name: Checkout disabled submodules

CMakeLists.txt

@@ -1,5 +1,5 @@
 
-cmake_minimum_required(VERSION 3.15)
+cmake_minimum_required(VERSION 3.21)
 cmake_policy(SET CMP0048 NEW) # project version
 cmake_policy(SET CMP0076 NEW) # full paths
 
@@ -174,4 +174,6 @@ add_subdirectory(source)
 add_subdirectory(tools)
 add_subdirectory(test)
 
-FetchContent_MakeAvailable(freertos_kernel cmock)
+if(PROJECT_IS_TOP_LEVEL)
+    FetchContent_MakeAvailable(freertos_kernel cmock)
+endif()

History.txt

@@ -1,5 +1,74 @@
 Documentation and download available at https://www.FreeRTOS.org/
 
+Changes between FreeRTOS-plus-TCP V4.2.0 and V4.1.0 released June 24, 2024
+    + It was possible for a carefully crafted DNS response with domain name
+      length value greater than the actual domain name length, to cause a buffer
+      over-read within the DNS Response Parser. This issue affects applications
+      using DNS functionality of the FreeRTOS-Plus-TCP stack.
+      Applications that do not use DNS functionality are not affected,
+      even when the DNS functionality is enabled.
+      This issue has been fixed by modifying the code to ensure that the DNS
+      Response Parser never attempts to read beyond the DNS
+      response buffer boundary.
+      We would like to thank Paschal Amusuo, James C. Davis, and
+      Aravind Machiry of Purdue University, for reporting this issue.
+    + Fixed possible freed memory being reused while creating TCP sockets.
+      We thank @htibosch  for their contribution.
+    + Fixed possible NULL pointer dereference in TCP transmission.
+      We thank @anordal for their contribution.
+    + Added network interface port for ARM Corstone-315 (MPS4_CS315).
+      We thank @david-hazi-arm for their contribution.
+    + Fixed MISRA C 2012 issues in the code
+    + Replaced the usage strcpy with strncpy
+    + Improved memory allocation failure handling in `vDNSSetCallBack` by
+      propagating error signal back. We thank @hlef for reporting this issue.
+    + Improved memory allocation failure handling in `prvCreateSectors` by
+      propagating error signal back. We thank @hlef for reporting this issue.
+    + Enabled build on CI with sanitizers, fixed all AddressSanitizer
+      and UB-Sanitizer errors. We thank @anordal for their contribution.
+    + Fixed mDNS lookups while parsing the mDNS answers.
+      We thank @htibosch for their contribution.
+    + Fixed DNS name resolution responses when the device IP address
+      is `0.0.0.0`. We thank @evpopov  for their contribution.
+    + Avoided FreeRTOS-Plus-TCP forcing to use the compilation options
+      set in the library CMake project in user projects.
+      We thank @apcountryman  for their contribution.
+    + Enabled user control of compiler analysis for non ISO statements.
+      We thank @thirtytwobits for their contribution
+    + Fixed use of removed macro in ATSAME5x network interface.
+      We thank @apcountryman  for their contribution.
+    + Fixed inconsistent use of `ipconfigCOMPATIBLE_WITH_SINGLE`
+      & `ipconfigIPv4_BACKWARD_COMPATIBLE`
+    + Resolved Unit Test Build Warnings
+    + Added network interface functions for multicast MAC address filtering.
+      We thank @evpopov for their contribution.
+    + Fixed missing `ipconfigUSE_DNS_CACHE` check in FreeRTOS_DNS.c.
+    + Avoided compiler warnings about the printf formats in IPv6 modules.
+      We thank @htibosch for their contribution.
+    + Removed deprecated macro `ipconfigMULTI_INTERFACE`.
+      We thank @HTRamsey for their contribution.
+    + Removed unused function xProcessedTCPMessage.
+      We thank @HTRamsey for their contribution.
+    + Removed deprecated macros ipLOCAL_MAC_ADDRESS and
+      `ipLOCAL_IP_ADDRESS_POINTER`. We thank @HTRamsey  for their contribution.
+    + Fixed eARPGetCacheEntryGateWay to properly report when no valid gateway is found
+      for a packet that needs to be sent outside the local network.
+      We thank @evpopov  for their contribution.
+    + Combined duplicated IPv4/IPv6 TCP code.
+      We thank @HTRamsey for their contribution.
+    + Improved validation of configuration macros in the default
+      IP config using static compile time checks.
+      We thank @HTRamsey for their contribution.
+    + Repaired ARP unit tests which were accessing packet memory
+      outside of allocated bounds.
+    + Moved CMake compile options to test builds to avoid build issues in
+      user projects that might be not be supporting compiler options used
+      in the original Cmake. We thank @apcountryman  for their contribution.
+    + Cleaned up CMake by adding: additional unit tests, incorporating missing
+      network interface support, removing unused "config files" that are no longer
+      required, and fixing file name issues in the unit testing framework.
+      We thank @HTRamsey for their contribution.
+
 Changes between FreeRTOS-plus-TCP V4.1.0 and V4.0.0 released March 8, 2024
 	+ Add new Network Interface for Corstone-300 FVP (MPS3_AN552).
 	  We thank @urutva for their contribution.

README.md

@@ -3,6 +3,12 @@ FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. It provides a fami
 
 This library has undergone static code analysis and checks for compliance with the [MISRA coding standard](https://www.misra.org.uk/). Any deviations from the MISRA C:2012 guidelines are documented under [MISRA Deviations](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/main/MISRA.md). The library is validated for memory safety and data structure invariance through the [CBMC automated reasoning tool](https://www.cprover.org/cbmc/) for the functions that parse data originating from the network. The library is also protocol tested using Maxwell protocol tester for both IPv4 and IPv6.
 
+**FreeRTOS-Plus-TCP Library V4.2.2
+[source code](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/tree/V4.2.2/source)
+is part of the
+[FreeRTOS 202406.01 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202406.01-LTS)
+release.**
+
 ## Getting started
 The easiest way to use version 4.0.0 and later of FreeRTOS-Plus-TCP is to refer the Getting started Guide (found [here](https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/blob/main/GettingStarted.md))
 Another way is to start with the pre-configured IPv4 Windows Simulator demo (found in [this directory](https://github.com/FreeRTOS/FreeRTOS/tree/main/FreeRTOS-Plus/Demo/FreeRTOS_Plus_TCP_Minimal_Windows_Simulator)) or IPv6 Multi-endpoint Windows Simulator demo (found in [this directory](https://github.com/FreeRTOS/FreeRTOS/tree/main/FreeRTOS-Plus/Demo/FreeRTOS_Plus_TCP_IPv6_Demo/IPv6_Multi_WinSim_demo)). That way you will have the correct FreeRTOS source files included, and the correct include paths configured.  Once a demo application is building and executing you can remove the demo application files, and start to add in your own application source files.  See the [FreeRTOS Kernel Quick Start Guide](https://www.freertos.org/FreeRTOS-quick-start-guide.html) for detailed instructions and other useful links.
@@ -54,13 +60,12 @@ FetchContent_Declare( freertos_plus_tcp
   - this particular example supports a native and cross-compiled build option.
 
 ```cmake
-set( FREERTOS_PLUS_FAT_DEV_SUPPORT OFF CACHE BOOL "" FORCE)
 # Select the native compile PORT
-set( FREERTOS_PLUS_FAT_PORT "POSIX" CACHE STRING "" FORCE)
-# Select the cross-compile PORT
+set( FREERTOS_PLUS_TCP_NETWORK_IF "POSIX" CACHE STRING "" FORCE)
+# Or: select a cross-compile PORT
 if (CMAKE_CROSSCOMPILING)
-  # Eg. Zynq 2019_3 version of port
-  set(FREERTOS_PLUS_FAT_PORT "ZYNQ_2019_3" CACHE STRING "" FORCE)
+  # Eg. STM32Hxx version of port
+  set(FREERTOS_PLUS_TCP_NETWORK_IF "STM32HXX" CACHE STRING "" FORCE)
 endif()
 
 FetchContent_MakeAvailable(freertos_plus_tcp)

docs/doxygen/config.doxyfile

@@ -48,7 +48,7 @@ PROJECT_NAME           = FreeRTOS-Plus-TCP
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
 
-PROJECT_NUMBER         = V4.1.0
+PROJECT_NUMBER         = V4.2.0
 
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a

manifest.yml

@@ -1,12 +1,12 @@
 name: "FreeRTOS-Plus-TCP"
-version: "V4.1.0"
+version: "V4.2.0"
 description:
   "Thread safe FreeRTOS TCP/IP stack working on top of the FreeRTOS-Kernel to
   implement the TCP/IP protocol. Suitable for microcontrollers."
 license: "MIT"
 dependencies:
   - name: "FreeRTOS-Kernel"
-    version: "V11.0.1"
+    version: "V11.1.0"
     license: "MIT"
     repository:
       type: "git"

source/FreeRTOS_DNS.c

@@ -150,7 +150,7 @@
  * The MAC-addresses are provided here in case a network
  * interface needs it.
  */
-        const MACAddress_t xMDNS_MACAddressIPv6 = { { 0x33, 0x33, 0x00, 0x00, 0x00, 0xFB } };
+        const MACAddress_t xMDNS_MacAddressIPv6 = { { 0x33, 0x33, 0x00, 0x00, 0x00, 0xFB } };
     #endif /* ( ipconfigUSE_MDNS == 1 ) && ( ipconfigUSE_IPv6 != 0 ) */
 
 
@@ -608,6 +608,10 @@
         BaseType_t xHasRandom = pdFALSE;
         TickType_t uxIdentifier = 0U;
 
+        #if ( ipconfigDNS_USE_CALLBACKS == 1 )
+            BaseType_t xReturnSetCallback = pdPASS;
+        #endif
+
         #if ( ipconfigUSE_DNS_CACHE != 0 )
             BaseType_t xLengthOk = pdFALSE;
         #endif
@@ -656,7 +660,7 @@
                     if( ulIPAddress != 0UL )
                     {
                         #if ( ipconfigUSE_IPv6 != 0 )
-                            if( ( ppxAddressInfo != NULL ) && ( ( *ppxAddressInfo )->ai_family == FREERTOS_AF_INET6 ) )
+                            if( ( ppxAddressInfo != NULL ) && ( *ppxAddressInfo != NULL ) && ( ( *ppxAddressInfo )->ai_family == FREERTOS_AF_INET6 ) )
                             {
                                 FreeRTOS_printf( ( "prvPrepareLookup: found '%s' in cache: %pip\n",
                                                    pcHostName, ( void * ) ( *ppxAddressInfo )->xPrivateStorage.sockaddr.sin_address.xIP_IPv6.ucBytes ) );
@@ -690,12 +694,12 @@
                         if( xHasRandom != pdFALSE )
                         {
                             uxReadTimeOut_ticks = 0U;
-                            vDNSSetCallBack( pcHostName,
-                                             pvSearchID,
-                                             pCallbackFunction,
-                                             uxTimeout,
-                                             ( TickType_t ) uxIdentifier,
-                                             ( xFamily == FREERTOS_AF_INET6 ) ? pdTRUE : pdFALSE );
+                            xReturnSetCallback = xDNSSetCallBack( pcHostName,
+                                                                  pvSearchID,
+                                                                  pCallbackFunction,
+                                                                  uxTimeout,
+                                                                  ( TickType_t ) uxIdentifier,
+                                                                  ( xFamily == FREERTOS_AF_INET6 ) ? pdTRUE : pdFALSE );
                         }
                     }
                     else     /* When ipconfigDNS_USE_CALLBACKS enabled, ppxAddressInfo is always non null. */
@@ -707,7 +711,13 @@
             }
             #endif /* if ( ipconfigDNS_USE_CALLBACKS == 1 ) */
 
-            if( ( ulIPAddress == 0U ) && ( xHasRandom != pdFALSE ) )
+            if( ( ulIPAddress == 0U ) &&
+
+                #if ( ipconfigDNS_USE_CALLBACKS == 1 )
+                    ( xReturnSetCallback == pdPASS ) &&
+                #endif
+
+                ( xHasRandom != pdFALSE ) )
             {
                 ulIPAddress = prvGetHostByName( pcHostName,
                                                 uxIdentifier,
@@ -1507,7 +1517,7 @@
         uxIndex = uxStart + 1U;
 
         /* Copy in the host name. */
-        ( void ) strcpy( ( char * ) &( pucUDPPayloadBuffer[ uxIndex ] ), pcHostName );
+        ( void ) strncpy( ( char * ) &( pucUDPPayloadBuffer[ uxIndex ] ), pcHostName, strlen( pcHostName ) + 1U );
 
         /* Walk through the string to replace the '.' characters with byte
          * counts.  pucStart holds the address of the byte count.  Walking the

source/FreeRTOS_DNS_Cache.c

@@ -448,7 +448,7 @@
         /* Add or update the item. */
         if( strlen( pcName ) < ( size_t ) ipconfigDNS_CACHE_NAME_LENGTH )
         {
-            ( void ) strcpy( xDNSCache[ uxFreeEntry ].pcName, pcName );
+            ( void ) strncpy( xDNSCache[ uxFreeEntry ].pcName, pcName, ipconfigDNS_CACHE_NAME_LENGTH );
             ( void ) memcpy( &( xDNSCache[ uxFreeEntry ].xAddresses[ 0 ] ), pxIP, sizeof( *pxIP ) );
 
 

source/FreeRTOS_DNS_Callback.c

@@ -129,13 +129,14 @@
  * @param[in] uxIdentifier Random number used as ID in the DNS message.
  * @param[in] xIsIPv6 pdTRUE if the address type should be IPv6.
  */
-    void vDNSSetCallBack( const char * pcHostName,
-                          void * pvSearchID,
-                          FOnDNSEvent pCallbackFunction,
-                          TickType_t uxTimeout,
-                          TickType_t uxIdentifier,
-                          BaseType_t xIsIPv6 )
+    BaseType_t xDNSSetCallBack( const char * pcHostName,
+                                void * pvSearchID,
+                                FOnDNSEvent pCallbackFunction,
+                                TickType_t uxTimeout,
+                                TickType_t uxIdentifier,
+                                BaseType_t xIsIPv6 )
     {
+        BaseType_t xReturn = pdPASS;
         size_t lLength = strlen( pcHostName );
 
         /* MISRA Ref 4.12.1 [Use of dynamic memory]. */
@@ -154,7 +155,7 @@
                 vDNSTimerReload( FreeRTOS_min_uint32( 1000U, ( uint32_t ) uxTimeout ) );
             }
 
-            ( void ) strcpy( pxCallback->pcName, pcHostName );
+            ( void ) strncpy( pxCallback->pcName, pcHostName, lLength + 1U );
             pxCallback->pCallbackFunction = pCallbackFunction;
             pxCallback->pvSearchID = pvSearchID;
             pxCallback->uxRemainingTime = uxTimeout;
@@ -171,9 +172,12 @@
         }
         else
         {
-            FreeRTOS_debug_printf( ( " vDNSSetCallBack : Could not allocate memory: %u bytes",
+            xReturn = pdFAIL;
+            FreeRTOS_debug_printf( ( " xDNSSetCallBack : Could not allocate memory: %u bytes",
                                      ( unsigned ) ( sizeof( *pxCallback ) + lLength ) ) );
         }
+
+        return xReturn;
     }
 /*-----------------------------------------------------------*/
 

source/FreeRTOS_DNS_Parser.c

@@ -330,6 +330,7 @@
                         #if ( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
                             uxResult = DNS_ReadNameField( &xSet,
                                                           sizeof( xSet.pcName ) );
+                            ( void ) uxResult;
                         #endif
                     }
                 }
@@ -359,6 +360,7 @@
                         {
                             uxResult = DNS_ReadNameField( &xSet,
                                                           sizeof( xSet.pcName ) );
+                            ( void ) uxResult;
                         }
                         else
                     #endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
@@ -646,7 +648,7 @@
             }
 
             uxResult = DNS_SkipNameField( pxSet->pucByte,
-                                          sizeof( pxSet->pcName ) );
+                                          pxSet->uxSourceBytesRemaining );
 
             /* Check for a malformed response. */
             if( uxResult == 0U )

source/FreeRTOS_RA.c

@@ -489,7 +489,7 @@
                 if( pxEndPoint->xRAData.bits.bRouterReplied != pdFALSE_UNSIGNED )
                 {
                     /* Obtained configuration from a router. */
-                    uxNewReloadTime = pdMS_TO_TICKS( 1000U * pxEndPoint->xRAData.ulPreferredLifeTime );
+                    uxNewReloadTime = pdMS_TO_TICKS( ( 1000U * ( uint64_t ) pxEndPoint->xRAData.ulPreferredLifeTime ) );
                     pxEndPoint->xRAData.eRAState = eRAStatePreLease;
                     iptraceRA_SUCCEEDED( &( pxEndPoint->ipv6_settings.xIPAddress ) );
                     FreeRTOS_printf( ( "RA: succeeded, using IP address %pip Reload after %u seconds\n",