Skip to content

dist/tools/ethos: fix minor code quality issues#21979

Merged
maribu merged 1 commit intoRIOT-OS:masterfrom
maribu:dist/tools/ethos
Jan 12, 2026
Merged

dist/tools/ethos: fix minor code quality issues#21979
maribu merged 1 commit intoRIOT-OS:masterfrom
maribu:dist/tools/ethos

Conversation

@maribu
Copy link
Copy Markdown
Member

@maribu maribu commented Jan 12, 2026

Contribution description

  • fix some minor code style issues
  • add an overflow check for the frame received from the MCU
    • a malicious MCU could overflow the stack allocated buffer in serial_t serial in member char frame[MTU];.
    • most people don't plug in random unstrusted hardware into their machines, so this is not a really plausible attack vector
    • it is a valid bug, though, and therefore fixed

Testing procedure

Code review should be sufficient here. But testing that the ethos tool still works just to be safe won't hurt either.

Issues/PRs references

https://seclists.org/fulldisclosure/2026/Jan/16

@maribu maribu added Type: cleanup The issue proposes a clean-up / The PR cleans-up parts of the codebase / documentation CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Area: tools Area: Supplementary tools labels Jan 12, 2026
@riot-ci
Copy link
Copy Markdown

riot-ci commented Jan 12, 2026
edited
Loading

Murdock results

✔️ PASSED

dc068a6 dist/tools/ethos: fix minor code quality issues

Success Failures Total Runtime
1 0 1 01m:12s

Artifacts

miri64
miri64 reviewed Jan 12, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@miri64 miri64 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not mandatory, but Vera++ points out some more code style issues (see annotations in "Files changed" view. Can you fix them as well?

miri64
miri64 reviewed Jan 12, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@miri64 miri64 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Except for style issues to your style fixes ;-): ACK

@maribu
Copy link
Copy Markdown
Member Author

maribu commented Jan 12, 2026

Fixed and squashed

@maribu @miri64
dist/tools/ethos: fix minor code quality issues
dc068a6 
- fix some minor code style issues
- add an overflow check for the frame received from the MCU
    - a malicious MCU could overflow the stack allocated buffer in
      `serial_t serial` in member `char frame[MTU];`.
    - most people don't plug in random unstrusted hardware into their
      machines, so this is not a really plausible attack vector
    - it is a valid bug, though, and therefore fixed

Co-authored-by: Martine Lenders <[email protected]>
@maribu
Copy link
Copy Markdown
Member Author

maribu commented Jan 12, 2026

Can you fix them as well?

Done and squashed.

@maribu maribu enabled auto-merge January 12, 2026 15:45
@maribu maribu added this pull request to the merge queue Jan 12, 2026
Merged via the queue into RIOT-OS:master with commit ddff869 Jan 12, 2026
26 checks passed
@maribu maribu deleted the dist/tools/ethos branch January 13, 2026 12:46
@leandrolanzieri leandrolanzieri added this to the Release 2026.01 milestone Jan 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@miri64 miri64 miri64 approved these changes

Assignees

No one assigned

Labels

Area: tools Area: Supplementary tools CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Type: cleanup The issue proposes a clean-up / The PR cleans-up parts of the codebase / documentation

Projects

None yet

Milestone

Release 2026.01

Development

Successfully merging this pull request may close these issues.

4 participants

@maribu @riot-ci @miri64 @leandrolanzieri