RDKEMW-15175: Prevent buffer overflow when binary data contains protocol delimiter bytes #416

Merged
ks734 merged 4 commits into rdkcentral:release/v3.16 from ks734:hotfix/RDKEMW-12359
Mar 11, 2026

ks734 commented Mar 4, 2026

Description

  • processMessage(): add len <= 0 guard that logs an error and returns -1, dropping the malformed message safely before any memcpy
  • processMessage(): change std::min<size_t> to std::min<ssize_t> to prevent silent unsigned wrap of negative length values
  • processLogData(): fix memmove(mMsgBuf, mMsgBuf, mMsgLen) no-op bug; correct source pointer to msgStart so consumed bytes are actually discarded from the buffer

Test Procedure

The crash is non-deterministic: it only occurs when the binary key bytes happen to contain a 0x1e or 0x1f byte.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Other (doesn't fit into the above categories - e.g. documentation updates)

Requires Bitbake Recipe changes?

  • The base Bitbake recipe (meta-rdk-ext/recipes-containers/dobby/dobby.bb) must be modified to support the changes in this PR (beyond updating SRC_REV)

Copilot AI review requested due to automatic review settings March 4, 2026 06:38

Copilot AI left a comment

Pull request overview

This PR hardens the EthanLog (container log relay) message parsing logic to safely handle malformed/binary data that may contain the protocol delimiter bytes, preventing potential memory corruption and ensuring the internal buffer is correctly compacted after consuming data.

Changes:

  • Fix buffer compaction in processLogData() by correcting a memmove no-op so consumed bytes are actually removed.
  • Harden processMessage() against invalid (<= 0) lengths and avoid unsigned wrap by using std::min<ssize_t>.
  • Clarify the rationale for skipping empty/invalid fields when delimiter bytes appear in binary payloads.

Copilot AI review requested due to automatic review settings March 9, 2026 10:49

Copilot AI left a comment

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

ks734 changed the title from "RDKEMW-12359: Prevent buffer overflow when binary data contains protocol delimiter bytes" to "RDKEMW-15175: Prevent buffer overflow when binary data contains protocol delimiter bytes" Mar 11, 2026
ks734 merged commit 73dfcbb into rdkcentral:release/v3.16 Mar 11, 2026
20 of 21 checks passed
github-actions bot locked and limited conversation to collaborators Mar 11, 2026
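
The three fixes named in the PR description and in the review summary, as an added C++ sketch that is not Dobby's source: the function names, buffer sizes and sample bytes are hypothetical and constructed for illustration. It shows why the `len <= 0` guard is needed alongside the signed `std::min` (a negative length that survives the clamp would still wrap when handed to `memcpy`) and how a `memmove` whose source equals its destination leaves consumed bytes at the front of the buffer.

```cpp
// Added illustration; all names are hypothetical, this is not Dobby source.
#include <algorithm>
#include <cstdio>
#include <cstring>
#include <sys/types.h>   // ssize_t

// Pre-fix pattern: the signed length is converted to size_t before the
// comparison, so -3 becomes SIZE_MAX-2 and the clamp silently returns `cap`.
size_t copyLenUnsigned(ssize_t len, size_t cap) {
    return std::min<size_t>(static_cast<size_t>(len), cap);
}

// Post-fix pattern: reject len <= 0 first, then clamp in the signed domain.
// Returns -1 (message dropped) or the number of bytes copied into dst.
ssize_t copyFieldChecked(char* dst, size_t cap, const char* src, ssize_t len) {
    if (len <= 0 || cap == 0)
        return -1;                       // nothing is copied for a bad length
    const ssize_t n = std::min<ssize_t>(len, static_cast<ssize_t>(cap - 1));
    std::memcpy(dst, src, static_cast<size_t>(n));
    dst[n] = '\0';
    return n;
}

// Buggy compaction: source == destination, so no byte moves and the
// already-consumed message is still at the front of the buffer.
size_t compactNoOp(char* buf, size_t len, size_t consumed) {
    consumed = std::min(consumed, len);
    std::memmove(buf, buf, len - consumed);
    return len - consumed;
}

// Fixed compaction: move the unconsumed tail to the front of the buffer.
size_t compactFixed(char* buf, size_t len, size_t consumed) {
    consumed = std::min(consumed, len);
    std::memmove(buf, buf + consumed, len - consumed);
    return len - consumed;
}

int main() {
    char dst[8];
    std::printf("unsigned clamp of -3: %zu\n", copyLenUnsigned(-3, sizeof(dst)));
    std::printf("checked copy of -3:   %zd\n", copyFieldChecked(dst, sizeof(dst), "abc", -3));
    // Constructed sample: two 5-byte messages framed with 0x1e ... 0x1f.
    char a[] = "\x1e" "AAA" "\x1f" "\x1e" "BBB" "\x1f";
    char b[sizeof(a)];
    std::memcpy(b, a, sizeof(a));
    compactNoOp(a, 10, 5);
    compactFixed(b, 10, 5);
    std::printf("front after no-op: %c, after fix: %c\n", a[1], b[1]);
    return 0;
}
```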