B-L475E-IOT01A1 WiFi
shijiameng opened this issue · 2 comments
Caution
The Issues are strictly limited for the reporting of problem encountered with the software provided in this project.
For any other problem related to the STM32 product, the performance, the hardware characteristics and boards, the tools the environment in general, please post a topic in the ST Community/STM32 MCUs forum.
Describe the set-up
- B-L475E-IOT01A1
- STM32CubeIDE
Describe the bug
In es_wifi_io.c, absence of bound check in line 213 function SPI_WIFI_ResetModule
might cause stack buffer overflow:
STM32CubeL4/Projects/B-L475E-IOT01A/Applications/WiFi/Common/Src/es_wifi_io.c
Lines 211 to 220 in 503ab07
How To Reproduce
-
Hardware preparation: a wifi access point, set its SSID and passward as
LI_H3C
and1qaz2wsx
-
Target application:
WiFi_Client_Server
-
Download reproduce.zip, uncompress it and apply the patch. This patch includes the use case injection.
-
Compile
WiFi_Client_Server
and run it with debugger. The program would halt at breakpoint__BKPT(0x10)
if the buffer overflow arises.
Additional context
- Same issue in STM32H7 firmware package v1.11.0: STMicroelectronics/STM32CubeH7#252
- A PR regarding this issue will be posted.
Hello @shijiameng,
Thank you for this report. We will get back to you as soon as we analyze it further. This may take some time. Thank you for your comprehension.
With regards,
ST Internal Reference: 158543