mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-01-17 05:12:57 +01:00
Mirror of https://github.com/RIOT-OS/RIOT
6fb340d654
19057: fuzzing: Add uri_parser setup r=benpicco a=Teufelchen1 Hello! ### Contribution description This PR is a replacement for PR #18802 In this contribution: * The variable `AFL_FLAGS` is renamed to `FLAGS_FOR_AFL` because AFL is always complaining that `AFL_FLAGS` is not a valid env var for it. While this is not a bug nor an issue, I found it to be annoying. * A generic input reader is added to simplify building a test harness * The usage of this reader is demonstrated by adding a harness for fuzzing the uri_parser (needs squashing after review) ### Testing procedure Go to `fuzzing/uri_parser` and run `make all-asan` and `make fuzz` to get some action going. Also mildly interesting: `./dist/tools/compile_test/compile_like_murdock.py -b native -a fuzzing/uri_parser` ### Issues/PRs references The original PR #18802 is replaced because the generic input reader is present in both PRs but this PoC harness is much simpler. 19151: examples/gcoap: Fix shell parameter validation r=benpicco a=maribu ### Contribution description Executing the shell command with an URI-Path that doesn't start with a slash results in an assertion error while composing the client side message. This is suboptimal user experience, so add an explicit check for a valid URI-Path and a dedicated error message. ### Testing procedure #### In `master` ``` $ make BOARD=microbit-v2 -C examples/gcoap flash term [...] 2023-01-15 22:23:32,512 # coap get [::1] /.well-known/core 2023-01-15 22:23:32,516 # gcoap_cli: sending msg ID 52272, 23 bytes 2023-01-15 22:23:32,520 # gcoap: response Success, code 2.05, 46 bytes 2023-01-15 22:23:32,524 # </cli/stats>;ct=0;rt="count";obs,</riot/board> > coap get [::1] foo 2023-01-15 22:23:34,763 # coap get [::1] foo 2023-01-15 22:23:34,763 # 2329 2023-01-15 22:23:34,765 # *** RIOT kernel panic: 2023-01-15 22:23:34,767 # FAILED ASSERTION. 2023-01-15 22:23:34,767 # 2023-01-15 22:23:34,775 # pid | name | state Q | pri | stack ( used) ( free) | base addr | current 2023-01-15 22:23:34,784 # - | isr_stack | - - | - | 512 ( 200) ( 312) | 0x20000000 | 0x200001c8 2023-01-15 22:23:34,793 # 1 | main | running Q | 7 | 1536 ( 1072) ( 464) | 0x200006c0 | 0x2000095c 2023-01-15 22:23:34,802 # 2 | 6lo | bl rx _ | 3 | 1024 ( 328) ( 696) | 0x200036c0 | 0x200039c4 2023-01-15 22:23:34,810 # 3 | ipv6 | bl rx _ | 4 | 1024 ( 460) ( 564) | 0x20001294 | 0x20001574 2023-01-15 22:23:34,819 # 4 | udp | bl rx _ | 5 | 512 ( 300) ( 212) | 0x20003e98 | 0x20003f9c 2023-01-15 22:23:34,828 # 5 | coap | bl anyfl _ | 6 | 1112 ( 704) ( 408) | 0x20000e38 | 0x200011c4 2023-01-15 22:23:34,837 # 6 | nrf802154 | bl anyfl _ | 2 | 896 ( 288) ( 608) | 0x20001a90 | 0x20001d54 2023-01-15 22:23:34,843 # | SUM | | | 6616 ( 3352) ( 3264) 2023-01-15 22:23:34,843 # 2023-01-15 22:23:34,844 # *** halted. 2023-01-15 22:23:34,844 # ``` #### This PR ``` $ make BOARD=microbit-v2 -C examples/gcoap flash term [...] make: Entering directory '/home/maribu/Repos/software/RIOT/examples/gcoap' /home/maribu/Repos/software/RIOT/dist/tools/pyterm/pyterm -p "/dev/ttyACM0" -b "115200" 2023-01-15 22:22:27,842 # Connect to serial port /dev/ttyACM0 Welcome to pyterm! Type '/exit' to exit. coap get [::1] /.well-known/core 2023-01-15 22:22:40,042 # coap get [::1] /.well-known/core 2023-01-15 22:22:40,046 # gcoap_cli: sending msg ID 25182, 23 bytes 2023-01-15 22:22:40,050 # gcoap: response Success, code 2.05, 46 bytes 2023-01-15 22:22:40,054 # </cli/stats>;ct=0;rt="count";obs,</riot/board> > coap get [::1] foo 2023-01-15 22:22:43,858 # coap get [::1] foo 2023-01-15 22:22:43,862 # ERROR: URI-Path must start with a "/" 2023-01-15 22:22:43,866 # usage: coap <get|post|put|ping|proxy|info> ``` ### Issues/PRs references None Co-authored-by: Teufelchen1 <bennet.blischke@haw-hamburg.de> Co-authored-by: Marian Buschsieweke <marian.buschsieweke@ovgu.de> |
||
|---|---|---|
| .cargo | ||
| .github | ||
| .vscode | ||
| boards | ||
| bootloaders | ||
| core | ||
| cpu | ||
| dist | ||
| doc | ||
| drivers | ||
| examples | ||
| fuzzing | ||
| kconfigs | ||
| makefiles | ||
| pkg | ||
| sys | ||
| tests | ||
| .bandit | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .murdock | ||
| .murdock.yml | ||
| bors.toml | ||
| CITATION.cff | ||
| CODE_OF_CONDUCT.md | ||
| CODEOWNERS | ||
| CODING_CONVENTIONS_C++.md | ||
| CODING_CONVENTIONS.md | ||
| CONTRIBUTING.md | ||
| doc.txt | ||
| Kconfig | ||
| LICENSE | ||
| LOSTANDFOUND.md | ||
| MAINTAINING.md | ||
| Makefile | ||
| Makefile.base | ||
| Makefile.dep | ||
| Makefile.features | ||
| Makefile.include | ||
| README.md | ||
| release-notes.txt | ||
| SECURITY.md | ||
| uncrustify-riot.cfg | ||
| Vagrantfile | ||
The friendly Operating System for IoT!
RIOT is a real-time multi-threading operating system that supports a range of devices that are typically found in the Internet of Things (IoT): 8-bit, 16-bit and 32-bit microcontrollers.
RIOT is based on the following design principles: energy-efficiency, real-time capabilities, small memory footprint, modularity, and uniform API access, independent of the underlying hardware (this API offers partial POSIX compliance).
RIOT is developed by an international open source community which is independent of specific vendors (e.g. similarly to the Linux community). RIOT is licensed with LGPLv2.1, a copyleft license which fosters indirect business models around the free open-source software platform provided by RIOT, e.g. it is possible to link closed-source code with the LGPL code.
FEATURES
RIOT provides features including, but not limited to:
- a preemptive, tickless scheduler with priorities
- flexible memory management
- high resolution, long-term timers
- MTD abstraction layer
- File System integration
- support 200+ boards based on AVR, MSP430, ESP8266, ESP32, RISC-V, ARM7 and ARM Cortex-M
- the native port allows to run RIOT as-is on Linux and BSD. Multiple instances of RIOT running on a single machine can also be interconnected via a simple virtual Ethernet bridge or via a simulated IEEE 802.15.4 network (ZEP)
- IPv6
- 6LoWPAN (RFC4944, RFC6282, and RFC6775)
- UDP
- RPL (storing mode, P2P mode)
- CoAP
- OTA updates via SUIT
- MQTT
- USB (device mode)
- Display / Touchscreen support
- CCN-Lite
- LoRaWAN
- UWB
- Bluetooth (BLE) via NimBLE
GETTING RIOT
The most convenient way to get RIOT is to clone it via Git
$ git clone https://github.com/RIOT-OS/RIOT
this will ensure that you get all the newest features and bug fixes with the caveat of an ever changing work environment.
If you prefer things more stable, you can download the source code of one of our quarter annual releases via Github as ZIP file or tarball. You can also checkout a release in a cloned Git repository using
$ git pull --tags
$ git checkout <YYYY.MM>
For more details on our release cycle, check our documentation.
GETTING STARTED
- You want to start the RIOT? Just follow our quickstart guide or try this tutorial. For specific toolchain installation, follow instructions in the getting started page.
- The RIOT API itself can be built from the code using doxygen. The latest version of the documentation is uploaded daily to doc.riot-os.org.
FORUM
Do you have a question, want to discuss a new feature, or just want to present your latest project using RIOT? Come over to our forum and post to your hearts content.
CONTRIBUTE
To contribute something to RIOT, please refer to our contributing document.
MAILING LISTS
- RIOT commits: commits@riot-os.org
- Github notifications: notifications@riot-os.org
LICENSE
- Most of the code developed by the RIOT community is licensed under the GNU Lesser General Public License (LGPL) version 2.1 as published by the Free Software Foundation.
- Some external sources, especially files developed by SICS are published under a separate license.
All code files contain licensing information.
For more information, see the RIOT website: