Skip to content

Fix potential out of bounds write (CWE-787) when processing LLMNR or mDNS queries #1259

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jun 4, 2025
Merged

Fix potential out of bounds write (CWE-787) when processing LLMNR or mDNS queries #1259

merged 6 commits into from
Jun 4, 2025

Conversation

@tony-josi-aws
Copy link
Member

@tony-josi-aws tony-josi-aws commented Jun 4, 2025

Description

This change addresses a potential out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.

We would like to thank Paschal Amusuo (@AmPaschal), James C Davis (@davisjam), Taylor Le Lievre (@tlelievre26), and Aravind Kumar Machiry (@Machiry) of Purdue University for collaborating on this issue through the coordinated vulnerability disclosure process.

Test Steps

Checklist:

  • I have tested my changes. No regression in existing tests.
  • I have modified and/or added unit-tests to cover the code changes in this Pull Request.

Related Issue

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

tautschnig and others added 4 commits June 4, 2025 14:04
@tautschnig @ActoryOu @tony-josi-aws
[Draft] CBMC: replace any missing functions by assert-false (FreeRTOS…
889750d 
…#1147)

* CBMC: replace any missing functions by assert-false

---------

Co-authored-by: ActoryOu <[email protected]>
@tautschnig @tony-josi-aws @ActoryOu
Adjust proof tooling to support CBMC v6 (FreeRTOS#1180)
b1a964e 
* Adjust proof tooling to support CBMC v6

With CBMC v6, unwinding assertions as well as other checks are enabled
by default.

* Fix CBMC issues

* Fix spelling & formatting

* Fix build-check

* Add unit test cases for FreeRTOS_multiply_int32 and FreeRTOS_add_int32

* Tony's comment

* Bump CBMC version to very latest release

* Replace Synopsys link with blackduck one to solve link error.

* Move the comment to the right place

---------

Co-authored-by: Tony Josi <[email protected]>
Co-authored-by: ActoryOu <[email protected]>
Co-authored-by: ActoryOu <[email protected]>
@tony-josi-aws
Fix potential out of bounds write (CWE-787) when processing LLMNR or …
1ab47c9 
…mDNS queries
@tony-josi-aws
Fix CI
ef82823
@tony-josi-aws tony-josi-aws merged commit a369c52 into FreeRTOS:v4.2.2 Jun 4, 2025
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ActoryOu ActoryOu ActoryOu approved these changes

@aggarg aggarg aggarg approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@tony-josi-aws @ActoryOu @aggarg @tautschnig @kar-rahul-aws