arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-19 23:22:16 +03:00
Code

Add basic canary check to BSSL stack thunk (#6156)

Browse Source 
On return from a BSSL call, check that the last element of the stack is
still untouched.  If it is modified, print an error and abort().

Will catch problems like #6143 many times with an informative error
message instead of corrupting the heap and having a random crash
sometime later.
This commit is contained in:
Earle F. Philhower, III 2019-05-27 20:51:27 -07:00 committed by GitHub
parent d83eabe5b3
commit 7c4961e83c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cores/esp8266/StackThunk.cpp
View File

@ -36,7 +36,7 @@ uint32_t *stack_thunk_top = NULL;
uint32_t *stack_thunk_save = NULL; /* Saved A1 while in BearSSL */ uint32_t *stack_thunk_save = NULL; /* Saved A1 while in BearSSL */
uint32_t stack_thunk_refcnt = 0; uint32_t stack_thunk_refcnt = 0;
#define _stackSize (5750/4) #define _stackSize (5748/4)
#define _stackPaint 0xdeadbeef #define _stackPaint 0xdeadbeef
/* Add a reference, and allocate the stack if necessary */ /* Add a reference, and allocate the stack if necessary */
@ -124,4 +124,11 @@ void stack_thunk_dump_stack()
ets_printf("<<<stack<<<\n"); ets_printf("<<<stack<<<\n");
} }
/* Called when the stack overflow is detected by a thunk. Main memory is corrupted at this point. Do not return. */
void stack_thunk_fatal_overflow()
{
ets_printf("FATAL ERROR: BSSL stack overflow\n");
abort();
}
}; };

10
cores/esp8266/StackThunk.h
View File

@ -41,6 +41,7 @@ extern uint32_t stack_thunk_get_stack_bot();
extern uint32_t stack_thunk_get_cont_sp(); extern uint32_t stack_thunk_get_cont_sp();
extern uint32_t stack_thunk_get_max_usage(); extern uint32_t stack_thunk_get_max_usage();
extern void stack_thunk_dump_stack(); extern void stack_thunk_dump_stack();
extern void stack_thunk_fatal_overflow();
// Globals required for thunking operation // Globals required for thunking operation
extern uint32_t *stack_thunk_ptr; extern uint32_t *stack_thunk_ptr;
@ -53,6 +54,7 @@ extern uint32_t stack_thunk_refcnt;
__asm("\n\ __asm("\n\
.text\n\ .text\n\
.literal_position\n\ .literal_position\n\
.literal .LC_STACK_VALUE"#fcnToThunk", 0xdeadbeef\n\
\n\ \n\
.text\n\ .text\n\
.global thunk_"#fcnToThunk"\n\ .global thunk_"#fcnToThunk"\n\
@ -67,6 +69,14 @@ thunk_"#fcnToThunk":\n\
movi a15, stack_thunk_top /* Load A1(SP) with thunk stack */\n\ movi a15, stack_thunk_top /* Load A1(SP) with thunk stack */\n\
l32i.n a1, a15, 0\n\ l32i.n a1, a15, 0\n\
call0 "#fcnToThunk" /* Do the call */\n\ call0 "#fcnToThunk" /* Do the call */\n\
/* Check the stack canary wasn't overwritten */\n\
movi a15, stack_thunk_ptr\n\
l32i.n a15, a15, 0 /* A15 now has the pointer to stack end*/ \n\
l32i.n a15, a15, 0 /* A15 now has contents of last stack entry */\n\
l32r a0, .LC_STACK_VALUE"#fcnToThunk" /* A0 now has the check value */\n\
beq a0, a15, .L1"#fcnToThunk"\n\
call0 stack_thunk_fatal_overflow\n\
.L1"#fcnToThunk":\n\
movi a15, stack_thunk_save /* Restore A1(SP) */\n\ movi a15, stack_thunk_save /* Restore A1(SP) */\n\
l32i.n a1, a15, 0\n\ l32i.n a1, a15, 0\n\
l32i.n a15, a1, 8 /* Restore the saved registers */\n\ l32i.n a15, a1, 8 /* Restore the saved registers */\n\