Context Navigation

← Previous Ticket
Next Ticket →

#4629 closed defect (fixed)

shell: Potential stack corruption in rtems_shell_init()

Reported by:	Sebastian Huber	Owned by:	Sebastian Huber
Priority:	normal	Milestone:	6.1
Component:	shell	Version:
Severity:	normal	Keywords:
Cc:		Blocked By:
Blocking:

Description (last modified by Sebastian Huber)

The rtems_shell_init() passes the address of a stack variable (exit_code) to rtems_shell_run(). If wait == false, then the stack variable goes out of scope but may be accessed by the created shell thread.

Change History (2)

comment:1 Changed on 03/15/22 at 06:11:35 by Sebastian Huber

Description:	modified (diff)

comment:2 Changed on 03/18/22 at 07:06:49 by Sebastian Huber <sebastian.huber@…>

Resolution:	→ fixed
Status:	assigned → closed

In b837c83/rtems:

shell: Avoid potential stack corruption

The rtems_shell_init() passed the address of a stack variable
(exit_code) to rtems_shell_run(). If wait == false, then the stack
variable goes out of scope but may be accessed by the created shell
thread.

The rtems_shell_script() was affected by the same problem.

Close #4629.

Note: See TracTickets for help on using tickets.

Download in other formats: