rtos/esp32_stacking: AddressSanitizer: heap-buffer-overflow issue

erhankur · erhankur · commit 90907b83e689 · 2022-06-29T20:09:42.000Z
#0 0x10c41485f in __asan_memcpy+0x1af (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x4285f) #1 0x10ab3dcfd in buf_cpy binarybuffer.c:60 #2 0x10ab2774b in rtos_generic_stack_read rtos.c:664 #3 0x10aac3ed9 in freertos_get_thread_registers_from_stack FreeRTOS.c:1148 #4 0x10aab2ea2 in freertos_get_thread_reg_list FreeRTOS.c:1238 #5 0x10aab32b1 in freertos_get_thread_reg FreeRTOS.c:1269 #6 0x10aabe903 in freertos_get_tasks_details FreeRTOS.c:797 #7 0x10aab270f in freertos_update_threads FreeRTOS.c:1060 #8 0x10ab1d66e in rtos_thread_packet rtos.c:395 #9 0x10ab1bad2 in gdb_thread_packet rtos.c:191 #10 0x10aa4643d in gdb_input_inner gdb_server.c:3547 #11 0x10aa3d534 in gdb_input gdb_server.c:3743 #12 0x10aa8e565 in server_loop server.c:566 #13 0x1099f6e66 in openocd_thread openocd.c:380 #14 0x1099f685e in openocd_main openocd.c:419 #15 0x1099f52b1 in main main.c:40 #16 0x7fff6bf78cc8 in start+0x0 (libdyld.dylib:x86_64+0x1acc8)
diff --git a/src/rtos/rtos_freertos_stackings.c b/src/rtos/rtos_freertos_stackings.c
@@ -35,8 +35,14 @@ static int rtos_freertos_esp_xtensa_stack_read_voluntary(struct target *target,
 
 /*
  The XTensa FreeRTOS implementation has *two* types of stack frames; one for
- involuntatrily swapped out tasks and another one for tasks which voluntarily yielded.
+ involuntarily swapped out tasks and another one for tasks which voluntarily yielded.
 */
+
+/*
+Important Note: If you modify one of the stack_register_offset array, also check corresponding
+	stack_registers_size in rtos_register_stacking
+*/
+
 static const struct stack_register_offset rtos_freertos_esp32_stack_offsets[] = {
 	{ XT_REG_IDX_PC, 0x04, 32 },		/* PC */
 	{ XT_REG_IDX_AR0, 0x0c, 32 },		/* A0 */
@@ -672,7 +678,7 @@ static const struct stack_register_offset rtos_freertos_esp32_s3_voluntary_stack
 };
 
 const struct rtos_register_stacking rtos_freertos_esp32_stacking = {
-	30*4,				/* stack_registers_size */
+	40*4,				/* stack_registers_size */
 	-1,					/* stack_growth_direction */
 	ESP32_NUM_REGS_G_COMMAND,					/* num_output_registers */
 	rtos_generic_stack_align8,	/* stack_alignment */
@@ -690,7 +696,7 @@ const struct rtos_register_stacking rtos_freertos_esp32_s2_stacking = {
 };
 
 const struct rtos_register_stacking rtos_freertos_esp32_s3_stacking = {
-	30*4,				/* stack_registers_size */
+	40*4,				/* stack_registers_size */
 	-1,					/* stack_growth_direction */
 	ESP32_S3_NUM_REGS_G_COMMAND,					/* num_output_registers */
 	rtos_generic_stack_align8,	/* stack_alignment */
