OpenYGE - fix: address possible buffer underflow condition, add 2nd paranoid frame length validation … #96

Merged


@bob01 bob01 commented Mar 29, 2024

…outside ISR/callback.

Discovered while testing a derivative branch: it was observed that the FC became unresponsive while making MSP updates w/ RF2 LUA or RF configurator. The issue was intermittent.

Cause:

  • inadequate validation of received length member of header
  • length is checked against buffer size to avoid overflow but not against valid minimum
  • buffer underrun when trying to extract CRC from packet if length < 2

Fix:

  • added min length validation to receive ISR
  • added secondary paranoid check prior to extracting CRC
  • harden oygeFrameLength, always reset minimum at start of frame

Note: we were not able to reproduce this issue with RC1, but this code is vulnerable without this fix.

…aranoid frame length validation outside ISR/callback
@rotorflight rotorflight merged commit bc69ec8 into rotorflight:master Apr 6, 2024
1 check passed
@bob01 bob01 deleted the esc_sensor_openyge_fixunderrun branch April 15, 2024 12:30
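
The length-validation gap described in the pull request above (upper bound checked, minimum not, so the CRC offset underflows when length < 2), shown as an added example that is not the project's code. The frame layout, CRC variant and every name below are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical layout for illustration: [sync][len][payload...][crc_lo][crc_hi],
   where len is the total frame length taken from the wire (untrusted). */
#define BUF_SIZE  64u
#define HDR_LEN   2u
#define CRC_LEN   2u
#define MIN_FRAME (HDR_LEN + CRC_LEN)
typedef enum { FRAME_OK, FRAME_TOO_SHORT, FRAME_TOO_LONG, FRAME_BAD_CRC } frame_status_t;

/* CRC-16/CCITT-FALSE, picked only for this example. */
static uint16_t crc16(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    while (n--) {
        crc ^= (uint16_t)(*p++ << 8);
        for (int i = 0; i < 8; i++)
            crc = (uint16_t)((crc & 0x8000) ? (crc << 1) ^ 0x1021 : crc << 1);
    }
    return crc;
}

/* Upper-bound-only validation: reports the index the CRC would be read from.
   Nothing is read; for len < 2 the unsigned subtraction wraps out of the buffer. */
bool crc_index_upper_bound_only(uint8_t len, size_t *idx) {
    if (len > BUF_SIZE) return false;
    *idx = (size_t)len - CRC_LEN;
    return true;
}

/* Both bounds checked immediately before the CRC is extracted, independent of
   whatever the receive path already validated. */
frame_status_t frame_check(const uint8_t *buf, size_t received) {
    if (received < HDR_LEN) return FRAME_TOO_SHORT;
    size_t len = buf[1];
    if (len < MIN_FRAME) return FRAME_TOO_SHORT;
    if (len > BUF_SIZE || len > received) return FRAME_TOO_LONG;
    uint16_t want = (uint16_t)(buf[len - 2] | (buf[len - 1] << 8));
    return crc16(buf, len - CRC_LEN) == want ? FRAME_OK : FRAME_BAD_CRC;
}

int main(void) {
    uint8_t f[BUF_SIZE] = {0xA5, 1};   /* constructed frame with len = 1 */
    size_t idx = 0;
    bool accepted = crc_index_upper_bound_only(f[1], &idx);
    printf("upper-bound-only: accepted=%d crc index=%zu\n", accepted, idx);
    printf("hardened: status=%d\n", frame_check(f, sizeof f));
}
```
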
bob01 added a commit to bob01/rotorflight-firmware that referenced this pull request Apr 15, 2024
* master:
  Fix Kontronik telemetry protocol (rotorflight#98)
  Update README.md
  Add Horizon mode inverted self-leveling
  Add CI or PR to the firmware extra version string
  OpenYGE - fix: address possible buffer underflow condition, add 2nd paranoid frame length validation outside ISR/callback (rotorflight#96)
  Fix RPM filter error check with Direct Drive motors (rotorflight#94)
  Fix TTA headroom calculation in Gov Passthrough (rotorflight#92)
  Add GOV_MODE FrSky telemetry sensor (rotorflight#89)
  Add github workflows for CI builds
  OpenYGE - fix to support v3 frame header extension (rotorflight#87)
  chore: fixed scale lights terminology (rotorflight#85)
  Add Releases.md
  Update github workflows
  Reduce default smoothing level
  Simplify RC frame rate calculation
  Change default PID D-gains
  Change default motor protocol to PWM
  Add 'mixer reset' to mixer CLI help

# Conflicts:
#	src/main/sensors/esc_sensor.c
bob01 added a commit to bob01/rotorflight-firmware that referenced this pull request Apr 15, 2024
* esc_sensor_data_plus: (21 commits)
  RFF-78 - escSensorData - added .throttle to. capture input setpoint as reported by ESC
  Fix Kontronik telemetry protocol (rotorflight#98)
  Update README.md
  Add Horizon mode inverted self-leveling
  Add CI or PR to the firmware extra version string
  OpenYGE - fix: address possible buffer underflow condition, add 2nd paranoid frame length validation outside ISR/callback (rotorflight#96)
  Fix RPM filter error check with Direct Drive motors (rotorflight#94)
  Fix TTA headroom calculation in Gov Passthrough (rotorflight#92)
  Add GOV_MODE FrSky telemetry sensor (rotorflight#89)
  Add github workflows for CI builds
  OpenYGE - telemetry - BEC voltage and current fix
  OpenYGE - fix to support v3 frame header extension (rotorflight#87)
  OpenYGE - support v3 frame header extension - documentation
  chore: fixed scale lights terminology (rotorflight#85)
  Add Releases.md
  Update github workflows
  Reduce default smoothing level
  Simplify RC frame rate calculation
  Change default PID D-gains
  Change default motor protocol to PWM
  ...

# Conflicts:
#	src/main/sensors/esc_sensor.c
bob01 added a commit to bob01/rotorflight-firmware that referenced this pull request Apr 15, 2024
* esc_sensor_hd: (24 commits)
  CRSF - reuse - minor code consistency - missing comma
  CRSF - reuse - expose additional ESC sources on ATT 16-bit sensors - not enough room on GPS sensors
  REUSE - added BEC, BUS, MPU voltage sources to GPS sensor options
  RFF-78 - escSensorData - added .throttle to. capture input setpoint as reported by ESC
  Fix Kontronik telemetry protocol (rotorflight#98)
  Update README.md
  Add Horizon mode inverted self-leveling
  Add CI or PR to the firmware extra version string
  OpenYGE - fix: address possible buffer underflow condition, add 2nd paranoid frame length validation outside ISR/callback (rotorflight#96)
  Fix RPM filter error check with Direct Drive motors (rotorflight#94)
  Fix TTA headroom calculation in Gov Passthrough (rotorflight#92)
  Add GOV_MODE FrSky telemetry sensor (rotorflight#89)
  Add github workflows for CI builds
  OpenYGE - telemetry - BEC voltage and current fix
  OpenYGE - fix to support v3 frame header extension (rotorflight#87)
  OpenYGE - support v3 frame header extension - documentation
  chore: fixed scale lights terminology (rotorflight#85)
  Add Releases.md
  Update github workflows
  Reduce default smoothing level
  ...

# Conflicts:
#	src/main/cli/settings.c