Merge branch 'main' into fix_dhcp_network_buffer_leak

tony-josi-aws · web-flow · commit fda028ed760c · 2025-03-05T14:48:34.000+05:30
diff --git a/source/FreeRTOS_DHCP.c b/source/FreeRTOS_DHCP.c
@@ -264,7 +264,7 @@
                     pxIterator = NULL;
                 }
 
-                if( pxIterator != NULL )
+                if( ( pxIterator != NULL ) && ( pxIterator->xDHCPData.eDHCPState == pxIterator->xDHCPData.eExpectedState ) )
                 {
                     /* The second parameter pdTRUE tells to check for a UDP message. */
                     vDHCPProcessEndPoint( pdFALSE, pdTRUE, pxIterator );
@@ -276,15 +276,24 @@
                 }
                 else
                 {
-                    /* Target not found, fetch the message and delete it. */
+                    /* Target not found or there is a state mismatch, fetch the message and delete it. */
                     /* PAss the address of a pointer pucUDPPayload, because zero-copy is used. */
                     lBytes = FreeRTOS_recvfrom( EP_DHCPData.xDHCPSocket, &( pucUDPPayload ), 0, FREERTOS_ZERO_COPY, NULL, NULL );
 
                     if( ( lBytes > 0 ) && ( pucUDPPayload != NULL ) )
                     {
                         /* Remove it now, destination not found. */
                         FreeRTOS_ReleaseUDPPayloadBuffer( pucUDPPayload );
-                        FreeRTOS_printf( ( "vDHCPProcess: Removed a %d-byte message: target not found\n", ( int ) lBytes ) );
+
+                        if( pxIterator == NULL )
+                        {
+                            FreeRTOS_printf( ( "vDHCPProcess: Removed a %d-byte message: target not found\n", ( int ) lBytes ) );
+                        }
+                        else
+                        {
+                            FreeRTOS_printf( ( "vDHCPProcess: Wrong state: expected: %d got: %d : ignore\n",
+                                               pxIterator->xDHCPData.eExpectedState, pxIterator->xDHCPData.eDHCPState ) );
+                        }
                     }
                 }
             }
@@ -496,6 +505,11 @@
                 {
                     /* Give up, start again. */
                     EP_DHCPData.eDHCPState = eInitialWait;
+
+                    /* Reset expected state so that DHCP packets from
+                     * different DHCP servers if available already in the DHCP socket can
+                     * be processed */
+                    EP_DHCPData.eExpectedState = eInitialWait;
                 }
             }
         }
@@ -999,6 +1013,11 @@
                         {
                             /* Start again. */
                             EP_DHCPData.eDHCPState = eInitialWait;
+
+                            /* Reset expected state so that DHCP packets from
+                             * different DHCP servers if available already in the DHCP socket can
+                             * be processed */
+                            EP_DHCPData.eExpectedState = eInitialWait;
                         }
                     }
 
diff --git a/test/unit-test/FreeRTOS_DHCP/FreeRTOS_DHCP_stubs.c b/test/unit-test/FreeRTOS_DHCP/FreeRTOS_DHCP_stubs.c
@@ -715,4 +715,38 @@ static int32_t FreeRTOS_recvfrom_eWaitingOfferRecvfromSuccess_LocalMACAddrNotMat
 
     return xSizeofUDPBuffer;
 }
+
+static int32_t FreeRTOS_recvfrom_LoopedCall( const ConstSocket_t xSocket,
+                                             void * pvBuffer,
+                                             size_t uxBufferLength,
+                                             BaseType_t xFlags,
+                                             struct freertos_sockaddr * pxSourceAddress,
+                                             socklen_t * pxSourceAddressLength,
+                                             int callbacks )
+{
+    NetworkEndPoint_t * pxIterator = pxNetworkEndPoints;
+    size_t xSizeRetBufferSize = xSizeofUDPBuffer;
+
+    if( callbacks == 2 )
+    {
+        pxNetworkEndPoints->xDHCPData.eDHCPState = eInitialWait;
+    }
+    else if( callbacks == 4 )
+    {
+        xSizeRetBufferSize = 200;
+    }
+
+    if( ( xFlags & FREERTOS_ZERO_COPY ) != 0 )
+    {
+        *( ( uint8_t ** ) pvBuffer ) = pucUDPBuffer;
+    }
+
+    memset( pucUDPBuffer, 0, xSizeofUDPBuffer );
+    /* Put in correct DHCP cookie. */
+    ( ( struct xDHCPMessage_IPv4 * ) pucUDPBuffer )->ulDHCPCookie = dhcpCOOKIE;
+    ( ( struct xDHCPMessage_IPv4 * ) pucUDPBuffer )->ucOpcode = dhcpREPLY_OPCODE;
+    ( ( struct xDHCPMessage_IPv4 * ) pucUDPBuffer )->ulTransactionID = FreeRTOS_htonl( 0x01ABCDEF );
+
+    return xSizeRetBufferSize;
+}
 /*-----------------------------------------------------------*/
diff --git a/test/unit-test/FreeRTOS_DHCP/FreeRTOS_DHCP_utest.c b/test/unit-test/FreeRTOS_DHCP/FreeRTOS_DHCP_utest.c
@@ -1324,6 +1324,49 @@ void test_vDHCPProcess_eLeasedAddress_CorrectState_ValidBytesInMessage( void )
     TEST_ASSERT_EQUAL( eLeasedAddress, pxEndPoint->xDHCPData.eDHCPState );
 }
 
+/**
+ *@brief  This test function ensures that when the DHCP states are mismatching after
+ * initial parsing of response from DHCP server, if a new response from a different DHCP
+ * server will cause a infinite loop inside the vDHCPProcess.
+ */
+void test_vDHCPProcess_eLeasedAddress_InCorrectState_Loop( void )
+{
+    struct xSOCKET xTestSocket;
+    NetworkEndPoint_t xEndPoint = { 0 }, * pxEndPoint = &xEndPoint;
+    uint8_t * pucUDPPayload;
+
+    /* This should remain unchanged. */
+    xDHCPv4Socket = &xTestSocket;
+    xDHCPSocketUserCount = 1;
+    pxEndPoint->xDHCPData.xDHCPSocket = &xTestSocket;
+    /* Put the required state. */
+    pxEndPoint->xDHCPData.eDHCPState = eLeasedAddress;
+    pxEndPoint->xDHCPData.eExpectedState = eLeasedAddress;
+    pxEndPoint->xDHCPData.ulTransactionId = 0x01ABCDEF;
+
+    /* Make sure that the local IP address is uninitialised. */
+    pxEndPoint->ipv4_settings.ulIPAddress = 0;
+    /* Put a verifiable value. */
+    memset( &pxEndPoint->ipv4_settings, 0xAA, sizeof( IPV4Parameters_t ) );
+    /* Put a verifiable value. */
+    memset( &pxEndPoint->ipv4_defaults, 0xBB, sizeof( IPV4Parameters_t ) );
+
+    pxNetworkEndPoints = pxEndPoint;
+
+    /* Expect these arguments. */
+    FreeRTOS_recvfrom_Stub( FreeRTOS_recvfrom_LoopedCall );
+
+    FreeRTOS_ReleaseUDPPayloadBuffer_Expect( pucUDPBuffer );
+
+    FreeRTOS_IsEndPointUp_IgnoreAndReturn( pdFALSE );
+
+    FreeRTOS_ReleaseUDPPayloadBuffer_Ignore();
+
+    vDHCPProcess( pdFALSE, pxEndPoint );
+
+    TEST_ASSERT_EQUAL( eInitialWait, pxEndPoint->xDHCPData.eDHCPState );
+}
+
 void test_vDHCPProcess_eLeasedAddress_CorrectState_ValidBytesInMessage_TransactionIDMismatch( void )
 {
     struct xSOCKET xTestSocket;

Original file line number	Diff line number	Diff line change
`@@ -264,7 +264,7 @@`
`264`	`264`	`pxIterator = NULL;`
`265`	`265`	`}`
`266`	`266`
`267`		`- if( pxIterator != NULL )`
	`267`	`+ if( ( pxIterator != NULL ) && ( pxIterator->xDHCPData.eDHCPState == pxIterator->xDHCPData.eExpectedState ) )`
`268`	`268`	`{`
`269`	`269`	`/* The second parameter pdTRUE tells to check for a UDP message. */`
`270`	`270`	`vDHCPProcessEndPoint( pdFALSE, pdTRUE, pxIterator );`
`@@ -276,15 +276,24 @@`
`276`	`276`	`}`
`277`	`277`	`else`
`278`	`278`	`{`
`279`		`- /* Target not found, fetch the message and delete it. */`
	`279`	`+ /* Target not found or there is a state mismatch, fetch the message and delete it. */`
`280`	`280`	`/* PAss the address of a pointer pucUDPPayload, because zero-copy is used. */`
`281`	`281`	`lBytes = FreeRTOS_recvfrom( EP_DHCPData.xDHCPSocket, &( pucUDPPayload ), 0, FREERTOS_ZERO_COPY, NULL, NULL );`
`282`	`282`
`283`	`283`	`if( ( lBytes > 0 ) && ( pucUDPPayload != NULL ) )`
`284`	`284`	`{`
`285`	`285`	`/* Remove it now, destination not found. */`
`286`	`286`	`FreeRTOS_ReleaseUDPPayloadBuffer( pucUDPPayload );`
`287`		`- FreeRTOS_printf( ( "vDHCPProcess: Removed a %d-byte message: target not found\n", ( int ) lBytes ) );`
	`287`	`+`
	`288`	`+ if( pxIterator == NULL )`
	`289`	`+ {`
	`290`	`+ FreeRTOS_printf( ( "vDHCPProcess: Removed a %d-byte message: target not found\n", ( int ) lBytes ) );`
	`291`	`+ }`
	`292`	`+ else`
	`293`	`+ {`
	`294`	`+ FreeRTOS_printf( ( "vDHCPProcess: Wrong state: expected: %d got: %d : ignore\n",`
	`295`	`+ pxIterator->xDHCPData.eExpectedState, pxIterator->xDHCPData.eDHCPState ) );`
	`296`	`+ }`
`288`	`297`	`}`
`289`	`298`	`}`
`290`	`299`	`}`
`@@ -496,6 +505,11 @@`
`496`	`505`	`{`
`497`	`506`	`/* Give up, start again. */`
`498`	`507`	`EP_DHCPData.eDHCPState = eInitialWait;`
	`508`	`+`
	`509`	`+ /* Reset expected state so that DHCP packets from`
	`510`	`+ * different DHCP servers if available already in the DHCP socket can`
	`511`	`+ * be processed */`
	`512`	`+ EP_DHCPData.eExpectedState = eInitialWait;`
`499`	`513`	`}`
`500`	`514`	`}`
`501`	`515`	`}`
`@@ -999,6 +1013,11 @@`
`999`	`1013`	`{`
`1000`	`1014`	`/* Start again. */`
`1001`	`1015`	`EP_DHCPData.eDHCPState = eInitialWait;`
	`1016`	`+`
	`1017`	`+ /* Reset expected state so that DHCP packets from`
	`1018`	`+ * different DHCP servers if available already in the DHCP socket can`
	`1019`	`+ * be processed */`
	`1020`	`+ EP_DHCPData.eExpectedState = eInitialWait;`
`1002`	`1021`	`}`
`1003`	`1022`	`}`
`1004`	`1023`