search

atigyi / zephyr

Primary Git Repository for the Zephyr Project. Zephyr is a new generation, scalable, optimized, secure RTOS for multiple hardware architectures.
https://docs.zephyrproject.org
Apache License 2.0
0 stars 0 forks source link

bsp/iotc_bsp_io_net_zephyr: Don't pass uninialized data to poll(). #10

Closed pfalcon closed 4 years ago

pfalcon commented 4 years ago

There're few problems with iotc_bsp_io_net_select():

  1. It can be called with socket_events_array_size == 0. In this case, poll() is still called with one struct pollfd, containing completely uninitialized data.
  2. Even if called with socket_events_array_size == 1, struct pollfd::events is never fully initialized, just some bits in it are set, but it may contain arbitrary value otherwise.
  3. Finally, it can be potentially called with socket_events_array_size > 1, in which case behavior will be undefined, definitely not what user expects.

All these cases are fixed, by initializing struct pollfd, checking and returning error for case of socket_events_array_size > 1, and handling socket_events_array_size == 0 properly.

pfalcon commented 4 years ago

@atigyi, If you agree with changes here, feel free to merge/squash over next week (when I'll be offline) or when you get to it.