Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[chip-tool] Cancel the CHIPCallbacks when the chip-tool ends up to av… #15914

Merged
merged 1 commit into from
Mar 8, 2022
Merged

[chip-tool] Cancel the CHIPCallbacks when the chip-tool ends up to av… #15914

merged 1 commit into from
Mar 8, 2022

Conversation

vivien-apple
Copy link
Contributor

…oid a use-after-free if there is a timeout trying to get the device

Problem

Running the command ./out/debug/standalone/chip-tool basic subscribe node-label 0 100 0 0x12344321 0 where 0x12344321 is not a known node id ends up into a use-after-free.

Change overview

  • Manually cancels the callbacks

@vivien-apple
[chip-tool] Cancel the CHIPCallbacks when the chip-tool ends up to av…
4a7a8db 
…oid a use-after-free if there is a timeout trying to get the device
@vivien-apple vivien-apple self-assigned this Mar 7, 2022
@github-actions
Copy link

github-actions bot commented Mar 7, 2022
edited
Loading

PR #15914: Size comparison from 5cefe19 to 4a7a8db

Increases (2 builds for linux)
platform target config section 5cefe19 4a7a8db change % change
linux chip-tool debug (read only) 9746901 9746965 64 0.0
.text 8498613 8498677 64 0.0
chip-tool-ipv6only arm64 (read only) 9420276 9420340 64 0.0
.text 7931956 7932020 64 0.0
Full report (31 builds for cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, qpg, telink)
platform target config section 5cefe19 4a7a8db change % change
cyw30739 light cyw930739m2evb_01 (read/write) 601654 601654 0 0.0
.app_xip_area 506188 506188 0 0.0
.bss 78148 78148 0 0.0
.data 660 660 0 0.0
.rodata 0 0 0 0.0
.text 0 0 0 0.0
lock cyw930739m2evb_01 (read/write) 559630 559630 0 0.0
.app_xip_area 465700 465700 0 0.0
.bss 76652 76652 0 0.0
.data 624 624 0 0.0
.rodata 0 0 0 0.0
.text 0 0 0 0.0
ota-requestor cyw930739m2evb_01 (read/write) 581826 581826 0 0.0
.app_xip_area 478216 478216 0 0.0
.bss 85980 85980 0 0.0
.data 592 592 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A (read only) 920724 920724 0 0.0
(read/write) 128848 128848 0 0.0
.bss 126768 126768 0 0.0
.data 2080 2080 0 0.0
.text 920716 920716 0 0.0
BRD4161A+rpc (read only) 949560 949560 0 0.0
(read/write) 144808 144808 0 0.0
.bss 142544 142544 0 0.0
.data 2260 2260 0 0.0
.text 949552 949552 0 0.0
lock-app BRD4161A+wf200 (read only) 988692 988692 0 0.0
(read/write) 120368 120368 0 0.0
.bss 118436 118436 0 0.0
.data 1932 1932 0 0.0
.text 988684 988684 0 0.0
window-app BRD4161A (read only) 853784 853784 0 0.0
(read/write) 126840 126840 0 0.0
.bss 124912 124912 0 0.0
.data 1924 1924 0 0.0
.text 853776 853776 0 0.0
esp32 all-clusters-app c3devkit (read only) 957276 957276 0 0.0
(read/write) 1393586 1393586 0 0.0
.dram0.bss 63432 63432 0 0.0
.dram0.data 14236 14236 0 0.0
.flash.rodata 197000 197000 0 0.0
.flash.text 957276 957276 0 0.0
.iram0.text 62016 62016 0 0.0
m5stack (read only) 1012079 1012079 0 0.0
(read/write) 460692 460692 0 0.0
.dram0.bss 68960 68960 0 0.0
.dram0.data 34080 34080 0 0.0
.flash.rodata 225816 225816 0 0.0
.flash.text 1006695 1006695 0 0.0
.iram0.text 123107 123107 0 0.0
k32w light k32w061+release (read/write) 694616 694616 0 0.0
.bss 77704 77704 0 0.0
.data 1964 1964 0 0.0
.text 609148 609148 0 0.0
lock k32w061+release (read/write) 696204 696204 0 0.0
.bss 77672 77672 0 0.0
.data 1972 1972 0 0.0
.text 610760 610760 0 0.0
linux all-clusters-app debug (read only) 2425521 2425521 0 0.0
(read/write) 145760 145760 0 0.0
.bss 60128 60128 0 0.0
.data 1392 1392 0 0.0
.data.rel.ro 78504 78504 0 0.0
.dynamic 592 592 0 0.0
.got 4176 4176 0 0.0
.init 27 27 0 0.0
.init_array 920 920 0 0.0
.rodata 205349 205349 0 0.0
.text 2057042 2057042 0 0.0
bridge-app debug+rpc (read only) 1730805 1730805 0 0.0
(read/write) 92720 92720 0 0.0
.bss 47432 47432 0 0.0
.data 2048 2048 0 0.0
.data.rel.ro 38144 38144 0 0.0
.dynamic 592 592 0 0.0
.got 3928 3928 0 0.0
.init 27 27 0 0.0
.init_array 544 544 0 0.0
.rodata 141652 141652 0 0.0
.text 1473013 1473013 0 0.0
chip-tool debug (read only) 9746901 9746965 64 0.0
(read/write) 338232 338232 0 0.0
.bss 25544 25544 0 0.0
.data 1152 1152 0 0.0
.data.rel.ro 305504 305504 0 0.0
.dynamic 608 608 0 0.0
.got 4776 4776 0 0.0
.init 27 27 0 0.0
.init_array 616 616 0 0.0
.rodata 509812 509812 0 0.0
.text 8498613 8498677 64 0.0
chip-tool-ipv6only arm64 (read only) 9420276 9420340 64 0.0
(read/write) 453761 453761 0 0.0
.bss 43841 43841 0 0.0
.data 1200 1200 0 0.0
.data.rel.ro 350648 350648 0 0.0
.dynamic 560 560 0 0.0
.got 54272 54272 0 0.0
.init 24 24 0 0.0
.init_array 192 192 0 0.0
.rodata 485612 485612 0 0.0
.text 7931956 7932020 64 0.0
door-lock-app debug (read only) 1945161 1945161 0 0.0
(read/write) 119136 119136 0 0.0
.bss 50432 50432 0 0.0
.data 1056 1056 0 0.0
.data.rel.ro 62264 62264 0 0.0
.dynamic 592 592 0 0.0
.got 4112 4112 0 0.0
.init 27 27 0 0.0
.init_array 664 664 0 0.0
.rodata 173596 173596 0 0.0
.text 1622754 1622754 0 0.0
lighting-app debug+rpc (read only) 2076929 2076929 0 0.0
(read/write) 124536 124536 0 0.0
.bss 51296 51296 0 0.0
.data 1568 1568 0 0.0
.data.rel.ro 66184 66184 0 0.0
.dynamic 608 608 0 0.0
.got 4144 4144 0 0.0
.init 27 27 0 0.0
.init_array 720 720 0 0.0
.rodata 165692 165692 0 0.0
.text 1755458 1755458 0 0.0
ota-provider-app debug (read only) 1878017 1878017 0 0.0
(read/write) 114768 114768 0 0.0
.bss 50240 50240 0 0.0
.data 1352 1352 0 0.0
.data.rel.ro 57544 57544 0 0.0
.dynamic 608 608 0 0.0
.got 4368 4368 0 0.0
.init 27 27 0 0.0
.init_array 616 616 0 0.0
.rodata 158835 158835 0 0.0
.text 1568290 1568290 0 0.0
ota-requestor-app debug (read only) 1900081 1900081 0 0.0
(read/write) 117512 117512 0 0.0
.bss 51296 51296 0 0.0
.data 1512 1512 0 0.0
.data.rel.ro 59256 59256 0 0.0
.dynamic 592 592 0 0.0
.got 4160 4160 0 0.0
.init 27 27 0 0.0
.init_array 640 640 0 0.0
.rodata 154124 154124 0 0.0
.text 1595730 1595730 0 0.0
shell debug (read only) 2392305 2392305 0 0.0
(read/write) 149976 149976 0 0.0
.bss 70216 70216 0 0.0
.data 864 864 0 0.0
.data.rel.ro 73232 73232 0 0.0
.dynamic 592 592 0 0.0
.got 4160 4160 0 0.0
.init 27 27 0 0.0
.init_array 904 904 0 0.0
.rodata 205298 205298 0 0.0
.text 2030098 2030098 0 0.0
thermostat-no-ble arm64 (read only) 2174116 2174116 0 0.0
(read/write) 148609 148609 0 0.0
.bss 65201 65201 0 0.0
.data 1080 1080 0 0.0
.data.rel.ro 75136 75136 0 0.0
.dynamic 560 560 0 0.0
.got 4224 4224 0 0.0
.init 24 24 0 0.0
.init_array 352 352 0 0.0
.rodata 132948 132948 0 0.0
.text 1822544 1822544 0 0.0
tv-app debug (read only) 2617369 2617369 0 0.0
(read/write) 250872 250872 0 0.0
.bss 167936 167936 0 0.0
.data 3200 3200 0 0.0
.data.rel.ro 73704 73704 0 0.0
.dynamic 592 592 0 0.0
.got 4544 4544 0 0.0
.init 27 27 0 0.0
.init_array 880 880 0 0.0
.rodata 199389 199389 0 0.0
.text 2243698 2243698 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2350468 2350468 0 0.0
.bss 186084 186084 0 0.0
.data 5800 5800 0 0.0
.text 1313068 1313068 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1151515 1151515 0 0.0
bss 146792 146792 0 0.0
rodata 144276 144276 0 0.0
text 785260 785260 0 0.0
p6 all-clusters-app default (read/write) 2493880 2493880 0 0.0
.bss 119504 119504 0 0.0
.data 2696 2696 0 0.0
.text 1452144 1452144 0 0.0
light-app default (read/write) 2397328 2397328 0 0.0
.bss 112976 112976 0 0.0
.data 2544 2544 0 0.0
.text 1355592 1355592 0 0.0
lock-app default (read/write) 2360808 2360808 0 0.0
.bss 112720 112720 0 0.0
.data 2504 2504 0 0.0
.text 1319072 1319072 0 0.0
qpg lighting-app qpg6105+debug (read only) 603812 603812 0 0.0
(read/write) 146936 146936 0 0.0
.bss 91080 91080 0 0.0
.data 1164 1164 0 0.0
.text 598492 598492 0 0.0
lock-app qpg6105+debug (read only) 569480 569480 0 0.0
(read/write) 146936 146936 0 0.0
.bss 91088 91088 0 0.0
.data 1116 1116 0 0.0
.text 564160 564160 0 0.0
persistent-storage-app qpg6105+debug (read only) 99520 99520 0 0.0
(read/write) 146940 146940 0 0.0
.bss 24004 24004 0 0.0
.data 176 176 0 0.0
.text 94200 94200 0 0.0
telink lighting-app tlsr9518adk80d (read/write) 888670 888670 0 0.0
bss 86928 86928 0 0.0
noinit 37160 37160 0 0.0
text 628058 628058 0 0.0

@vivien-apple vivien-apple mentioned this pull request Mar 7, 2022
Closed
@woody-apple woody-apple merged commit db29f08 into project-chip:master Mar 8, 2022
mykrupp referenced this pull request in mykrupp/connectedhomeip-1 Mar 8, 2022
@vivien-apple @mykrupp
[chip-tool] Cancel the CHIPCallbacks when the chip-tool ends up to av…
81b1ed0 
…oid a use-after-free if there is a timeout trying to get the device (#15914)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woody-apple woody-apple woody-apple approved these changes

@andy31415 andy31415 andy31415 approved these changes

@anush-apple anush-apple Awaiting requested review from anush-apple

@balducci-apple balducci-apple Awaiting requested review from balducci-apple

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@bzbarsky-apple bzbarsky-apple Awaiting requested review from bzbarsky-apple

@carol-apple carol-apple Awaiting requested review from carol-apple

@cecille cecille Awaiting requested review from cecille

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@Damian-Nordic Damian-Nordic Awaiting requested review from Damian-Nordic

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@hawk248 hawk248 Awaiting requested review from hawk248

@holbrookt holbrookt Awaiting requested review from holbrookt

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@isiu-apple isiu-apple Awaiting requested review from isiu-apple

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jmartinez-silabs jmartinez-silabs Awaiting requested review from jmartinez-silabs

@kghost kghost Awaiting requested review from kghost

@kpschoedel kpschoedel Awaiting requested review from kpschoedel

@lazarkov lazarkov Awaiting requested review from lazarkov

@LuDuda LuDuda Awaiting requested review from LuDuda

@lzgrablic02 lzgrablic02 Awaiting requested review from lzgrablic02

@mlepage-google mlepage-google Awaiting requested review from mlepage-google

@mrjerryjohns mrjerryjohns Awaiting requested review from mrjerryjohns

@msandstedt msandstedt Awaiting requested review from msandstedt

@sagar-apple sagar-apple Awaiting requested review from sagar-apple

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tcarmelveilleux tcarmelveilleux Awaiting requested review from tcarmelveilleux

@tecimovic tecimovic Awaiting requested review from tecimovic

@vijs vijs Awaiting requested review from vijs

@wbschiller wbschiller Awaiting requested review from wbschiller

@xylophone21 xylophone21 Awaiting requested review from xylophone21

@yunhanw-google yunhanw-google Awaiting requested review from yunhanw-google

Assignees

@vivien-apple vivien-apple

Labels
examples review - approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vivien-apple @andy31415 @woody-apple