atsign-foundation / at_c

Experimental cross-platform C implementation of the atSDK for SOC & embedded devices
BSD 3-Clause "New" or "Revised" License

at_c: `message_type` and `message_body` from `monitor.c` `static int parse_message` function point to a freed address #393

Closed realvarx closed 1 month ago

realvarx commented 2 months ago

The static parse_message function in monitor.c returns message_type and message_body pointers that point to memory that is freed at the end of the function. This function creates a copy of the original parameter using strdup, which internally uses malloc to allocate memory. However, the function then frees this allocated memory (original_copy) before returning, leaving message_type and message_body pointing to invalid memory.

https://github.com/atsign-foundation/at_c/blob/aaf943db9c9de6b28b64ebdf9903928401ef793a/packages/atclient/src/monitor.c#L247

The solution would involve returning to the old approach (use original parameter, and free it outside of the method after doing memcpy of the type and body), or removing the free(original_copy) from the exit of the method (which could lead to a memory leak if not handled properly later).
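A minimal reproduction of the pattern this report describes, added here as an illustration rather than taken from monitor.c: the buggy shape hands back interior pointers into a buffer it has already freed, and the fixed shape gives the caller its own allocations before the scratch copy is released. The "type:body" message layout and the names parse_message_dangling, parse_message_owned and check_owned_parse are assumptions, not identifiers from the project.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Illustration of the bug class described in the issue, not the code in
 * packages/atclient/src/monitor.c. The "type:body" wire shape and the
 * function names are assumptions made for this example.
 */

/* Buggy shape: both out-pointers alias original_copy, which is freed
 * before returning, so the caller receives dangling pointers. Reading
 * *message_type or *message_body afterwards is undefined behaviour;
 * building with -fsanitize=address reports it as heap-use-after-free. */
int parse_message_dangling(const char *original, char **message_type,
                           char **message_body) {
    char *original_copy = strdup(original);
    if (original_copy == NULL) {
        return 1;
    }
    char *sep = strchr(original_copy, ':');
    if (sep == NULL) {
        free(original_copy);
        return 1;
    }
    *sep = '\0';
    *message_type = original_copy; /* interior pointer into original_copy */
    *message_body = sep + 1;       /* interior pointer into original_copy */
    free(original_copy);           /* BUG: both outputs now dangle */
    return 0;
}

/* Fixed shape: copy type and body into allocations the caller owns,
 * then free the scratch copy. The caller frees both outputs. */
int parse_message_owned(const char *original, char **message_type,
                        char **message_body) {
    *message_type = NULL;
    *message_body = NULL;
    char *original_copy = strdup(original);
    if (original_copy == NULL) {
        return 1;
    }
    char *sep = strchr(original_copy, ':');
    if (sep == NULL) {
        free(original_copy);
        return 1;
    }
    *sep = '\0';
    char *type = strdup(original_copy);
    char *body = strdup(sep + 1);
    free(original_copy); /* safe: the outputs no longer alias this buffer */
    if (type == NULL || body == NULL) {
        free(type);
        free(body);
        return 1;
    }
    *message_type = type;
    *message_body = body;
    return 0;
}

/* Exercise the fixed parser on constructed input. Returns 0 when every
 * check passes, otherwise the number of the failing check. */
int check_owned_parse(void) {
    char *type = NULL;
    char *body = NULL;
    /* constructed sample, not a captured atProtocol message */
    if (parse_message_owned("notification:{\"id\":\"abc\"}", &type, &body) != 0) return 1;
    if (strcmp(type, "notification") != 0) return 2;
    if (strcmp(body, "{\"id\":\"abc\"}") != 0) return 3;
    free(type);
    free(body);
    /* malformed input without a separator: error and NULL outputs */
    if (parse_message_owned("no-separator-here", &type, &body) != 1) return 4;
    if (type != NULL || body != NULL) return 5;
    return 0;
}

int main(void) {
    char *type = NULL;
    char *body = NULL;
    if (parse_message_owned("notification:{\"id\":\"abc\"}", &type, &body) == 0) {
        printf("type=%s body=%s\n", type, body);
        free(type);
        free(body);
    }
    return check_owned_parse();
}
```

The fixed variant moves ownership of the two strings to the caller, which is the second of the two options listed in the report done without the leak: the scratch copy is still freed inside the function, and the caller is responsible for freeing the two outputs. Whichever fix is chosen, compiling the test binary with -fsanitize=address (or running it under valgrind) is the quickest way to confirm that no interior pointer into the freed buffer survives the call.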

JeremyTubongbanua commented 2 months ago

I think I see what is happening here

Since original_copy is being freed, message_type and message_body are pointers to characters in the original_copy string. Is that correct?

JeremyTubongbanua commented 2 months ago

Assigned 2 SP

realvarx commented 2 months ago

> I think I see what is happening here
>
> Since original_copy is being freed, message_type and message_body are pointers to characters in the original_copy string. Is that correct?

Exactly

JeremyTubongbanua commented 1 month ago

Fix for this in #400