Skip to content

sys/net/gnrc_pktbuf: detect use after free if canary is in metadata#21000

Merged
maribu merged 3 commits intoRIOT-OS:masterfrom
benpicco:gnrc_pktbuf-use_after_free
Nov 19, 2024
Merged

sys/net/gnrc_pktbuf: detect use after free if canary is in metadata#21000
maribu merged 3 commits intoRIOT-OS:masterfrom
benpicco:gnrc_pktbuf-use_after_free

Conversation

@benpicco
Copy link
Copy Markdown
Contributor

@benpicco benpicco commented Nov 18, 2024

Contribution description

When debugging #20983 this was quite useful to find the issue where a pointer to a pktsnip that was already freed was being held.

For the !CONFIG_GNRC_PKTBUF_CHECK_USE_AFTER_FREE this is already caught by the assert(pkt->users > 0), so if we turn on more extensive leak detection, don't degrade this case.

Testing procedure

Issues/PRs references

@github-actions github-actions bot added Area: network Area: Networking Area: sys Area: System labels Nov 18, 2024
@benpicco benpicco requested a review from maribu November 18, 2024 12:30
@benpicco benpicco added Type: enhancement The issue suggests enhanceable parts / The PR enhances parts of the codebase / documentation CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR labels Nov 18, 2024
@maribu maribu enabled auto-merge November 18, 2024 12:41
@riot-ci
Copy link
Copy Markdown

riot-ci commented Nov 18, 2024
edited
Loading

Murdock results

✔️ PASSED

83f5b26 sys/net/gnrc_pktbuf: detect use after free if canary is in metadata

Success Failures Total Runtime
10247 0 10249 16m:16s

Artifacts

@benpicco benpicco force-pushed the gnrc_pktbuf-use_after_free branch from 225c414 to 0cdbc62 Compare November 18, 2024 16:05
@benpicco benpicco force-pushed the gnrc_pktbuf-use_after_free branch from 0cdbc62 to 83f5b26 Compare November 19, 2024 14:23
@maribu maribu added this pull request to the merge queue Nov 19, 2024
@maribu maribu removed this pull request from the merge queue due to a manual request Nov 19, 2024
@maribu maribu added this pull request to the merge queue Nov 19, 2024
Merged via the queue into RIOT-OS:master with commit b02b23f Nov 19, 2024
@benpicco benpicco deleted the gnrc_pktbuf-use_after_free branch November 19, 2024 23:56
@MrKevinWeiss MrKevinWeiss added this to the Release 2025.01 milestone Jan 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maribu maribu maribu approved these changes

@miri64 miri64 Awaiting requested review from miri64 miri64 is a code owner

@PeterKietzmann PeterKietzmann Awaiting requested review from PeterKietzmann

Assignees

No one assigned

Labels

Area: network Area: Networking Area: sys Area: System CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Type: enhancement The issue suggests enhanceable parts / The PR enhances parts of the codebase / documentation

Projects

None yet

Milestone

Release 2025.01

Development

Successfully merging this pull request may close these issues.

4 participants

@benpicco @riot-ci @maribu @MrKevinWeiss