set_ip_bytes() does a 16-byte memcpy from the input buffer to
the local nsapi_addr_t despite the address version.
If the address version is ipv4, the input buffer may only be
4-byte in size. This causes a out-of-bound access on the input buffer.
Signed-off-by: Tony Wu <tonywu@realtek.com>
nsapi_error_t - enum of errors or 0 for NSAPI_ERROR_OK
nsapi_size_t - unsigned size of data that could be sent
nsapi_size_or_error_t - either a non-negative size or negative error
Replace Comodo and OpenDNS IPv4 servers with Google and DNS.WATCH IPv6
servers, so IPv6-only devices (eg 6LoWPAN) have a default.
3 IPv4 resolvers should be plenty - existing code doesn't remember which
one last worked, so if early list entries were unreachable performance
would be consistently bad anyway. Replacing two entries avoids
increasing image size and RAM consumption.
On an IPv6-only or IPv4-only system, the sendto() for the wrong type of
address should fail immediately - change loop to move on to the next
server for any sendto() error.
Takes advantage of the get_ip_address function to predict the IP
address version wanted by the underlying interface. The should avoid
the need for most IPv6 interfaces to overload gethostbyname.
suggested by @kjbracey-arm
- cc.h@57,1: "BYTE_ORDER" redefined
- lwip_inet_chksum.c@560,44: passing argument 1 of 'thumb2_checksum'
discards 'const' qualifier from pointer target type
- lwip_pbuf.c@1172,9: variable 'err' set but not used
- SocketAddress.cpp@293,1: control reaches end of non-void function
Previously, exhausting hardware buffers would begin blocking the lwip
thread. This patch changes the emac layer to simply drop ethernet
frames, leaving recovery up to a higher level protocol.
This is consistent with the behaviour of the emac layer when unable
to allocate dynamic memory.
This was actually several bugs colluding together.
1. Confusion on the buffer-semaphore paradigm used led to misuse of the
tx semaphore and potential for odd behaviour.
2. Equality tests on tx_consume_index and tx_produce_index did not
handle overflow correctly. This would allow tx_consume_index to catch
up to tx_produce_index and trick the k64f_rx_reclaim function into
forgetting about a whole buffer of pbufs.
3. On top of all of that, the ENET_BUFFDESCRIPTOR_TX_READ_MASK was not
correctly read immediately after being set due to either a compiler
optimization or hardware delays. This caused k64f_low_level_output
to eagerly overrun existing buff-descriptors before they had been
completely sent. Adopting the counting-semaphore paradigm for 1 avoided
this concern.
As pointed out by @infinnovation, the overflow only occurs in the rare
case that the 120MHz CPU can actually generate packets faster than the
ENET hardware can transmit on a 100Mbps link.
This change prevents the standard library from allocating a large buffer
on the heap. On GCC_ARM, this is a saving of 1K. On ARM, this is a saving
of 64 bytes.
+ Added ``void debug(bool dbg)`` method to allow enabling/disabling
serial debug at runtime.
+ Replaced calls to ``debug`` with ``debug_if`` to prevent messges
from being thrown via serial when debug is disabled.
Signed-off-by: Bruno Monteiro Pires <brunomonteiropires@gmail.com>
* Binary build script is modified to follow currebt mbedOS baseline structure
* License files are moved to the correct location.
* Contribution.md is also moved to the correct location.
In the config store create test in test case #5 the amount of available
memory is determined by fully allocating the heap. This is done
multiple times to determine if there is a memory leak. This causes
problems when even slight fragmentation occurs in the heap, since
the size that can be allocated is decreased slightly, which the test
flags as a memory leak.
This patch makes memory leak detection more robust by using metrics
provided by mbed_stats_heap_get. These metrics are an exact
measurement of memory allocated is not changed by fragmentation.
This allows the memory leak test to report correct values regardless of
fragmentation.
When closing a file handle remove the handle from the handle list
regardless of what the reference count of the key it is pointing to is.
This prevents config store from keeping a handle to file handles that
have gone out of scope.
The function cfstore_delete_ex is written under the assumption that
CFSTORE_REALLOC will never fail if the size is decreasing. Regardless
of the status of CFSTORE_REALLOC the entry is removed from the config
store and zeroed. This works correctly if CFSTORE_REALLOC correctly
updates area_0_tail, but can lead to crashes in the case area_0_tail is
left unchanged. The crash is because when iterating over the config
store data, cfstore_get_next_hkvt is unable to determine the end of
valid data.
This patch fixes this problem by handling the realloc failure case by
updating area_0_tail even if CFSTORE_REALLOC returns NULL. This
patch also adds an assert to check for out of bound entries in when
calling cfstore_get_next_hkvt. This allows an assert to be triggered
if this bug is re-introduced, rather than a crash.
When the config store is powered down area_0_head is freed, but
area_0_len is not set to 0. This causes when cfstore_realloc_ex is
called, since on the first allocation it appears that the config store
size is decreasing, and therefore the data is not initialized.
Since the data is uninitiated various fields such as the reference
can have invalid values. On GCC_ARM built with heap stats enabled
this manifests as a crash due to an invalid reference count.
This patch fixes this problem by setting area_0_len to 0 when the data
is freed.
Tony Wu
Mahadevan Mahesh
Christopher Haster
Bartek Szatkowski
andreas.larsson
Kevin Bracey
Jeremy Brodt
Colin Hogben
Colin Hogben
jeromecoutant
Marcus Chang
Mika Leppänen
Brian Daniels
Steven Cooreman
Marc Moreno Berengue
Bruno Monteiro Pires
Christopher Haster
Andrzej Puzdrowski
Andres AG
Hasnain Virk
Russ Butler