STM32Cube MCU Full Package for the STM32L4 series - (HAL + LL Drivers, CMSIS Core, CMSIS Device, MW libraries plus a set of Projects running on all boards provided by ST (Nucleo, Evaluation and Discovery Kits))
Caution
The Issues are strictly limited for the reporting of problem encountered with the software provided in this project.
For any other problem related to the STM32 product, the performance, the hardware characteristics and boards, the tools the environment in general, please post a topic in the ST Community/STM32 MCUs forum.
Caution The Issues are strictly limited for the reporting of problem encountered with the software provided in this project. For any other problem related to the STM32 product, the performance, the hardware characteristics and boards, the tools the environment in general, please post a topic in the ST Community/STM32 MCUs forum.
Describe the set-up
Describe the bug In es_wifi_io.c, absence of bound check in line 213 function
SPI_WIFI_ResetModule
might cause stack buffer overflow: https://github.com/STMicroelectronics/STM32CubeL4/blob/503ab076587f3241e5d8f25adea452dbf80a8b4f/Projects/B-L475E-IOT01A/Applications/WiFi/Common/Src/es_wifi_io.c#L211-L220How To Reproduce
Hardware preparation: a wifi access point, set its SSID and passward as
LI_H3C
and1qaz2wsx
Target application:
WiFi_Client_Server
Download reproduce.zip, uncompress it and apply the patch. This patch includes the use case injection.
Compile
WiFi_Client_Server
and run it with debugger. The program would halt at breakpoint__BKPT(0x10)
if the buffer overflow arises.Additional context