
SecureStore: Add member initializers for inc_handle_t #11810

Merged
merged 1 commit into from Nov 7, 2019

Conversation

@kyle-cypress

kyle-cypress commented Nov 5, 2019

Description (required)

_inc_set_handle is new'd in SecureStore::init(), then its members are referenced in various functions without being explicitly initialized first. These pre-existing values can confuse the SecureStore's internal state and cause various undesired behaviors.

Note: At least on the ARM GCC versions that I've tested with (6.3.1 and 7.2.1), the default initialization is also achieved by using new inc_set_handle_t(); instead of new inc_set_handle_t; (note the added parentheses). I chose to add explicit initializers instead because a.) it is hard to tell whether this behavior is guaranteed by spec or just how GCC happens to be implemented and b.) the explicit initializers make it more clear what is going on (and are not prone to failure if a future change forgets to use parentheses with new).

Summary of change (What the change is for and why)

Fix use of uninitialized memory contents in SecureStore.

Documentation (Details of any document updates required)

Pull request type (required)

[x] Patch update (Bug fix / Target update / Docs update / Test update / Refactor)
[ ] Feature update (New feature / Functionality change / New API)
[ ] Major update (Breaking change E.g. Return code change / API behaviour change)

Test results (required)

[ ] No Tests required for this change (E.g docs only update)
[x] Covered by existing mbed-os tests (Greentea or Unittest)
[ ] Tests / results supplied as part of this PR

A full Greentea test log will be uploaded soon (probably tomorrow).


Reviewers (optional)

@ARMMbed/team-cypress


Release Notes (required for feature/major PRs)

Summary of changes
Impact of changes
Migration actions required
_inc_set_handle is new'd in SecureStore::init(), then its members are
referenced in various functions without being explicitly initialized
first. These pre-existing values can confuse the SecureStore's internal
state and cause various undesired behavior.
@ciarmcom ciarmcom requested review from ARMmbed/mbed-os-maintainers Nov 5, 2019
@ciarmcom

Member

ciarmcom commented Nov 5, 2019

@kyle-cypress, thank you for your changes.
@ARMmbed/mbed-os-storage @ARMmbed/mbed-os-maintainers please review.

@kjbracey-arm

Contributor

kjbracey-arm commented Nov 5, 2019

On the language point, new inc_set_handle_t() is guaranteed to work. Why is complicated. As of C++11, that's called "value initialisation" and the logic is:

  • If there is a user-provided default constructor, it calls that (same as new inc_set_handle_t), and then it's up to that constructor to initialise stuff properly. If it doesn't, it's that constructor's fault.
  • If there is no user-provided default constructor, it zero-initialises (covering any plain members), then default-initialises (covering any class members).

Anyway, I'm happy with the default member initialisers as you've done it.
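An added illustration of the value-initialisation rules described above and of the default-member-initializer fix the PR takes (example code, not from this PR or from mbed-os; the struct members are hypothetical stand-ins, since inc_set_handle_t's real member list is not shown here):

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>
// Hypothetical stand-in for inc_set_handle_t; the real member list is not on this page.
struct HandleNoInit {           // plain struct, no constructor (the "before" shape)
    uint32_t offset;
    bool     in_progress;
    void    *buf;
};
struct HandleWithInit {         // the PR's approach: default member initializers
    uint32_t offset = 0;
    bool     in_progress = false;
    void    *buf = nullptr;
};
struct HandleUserCtor {         // user-provided ctor: value-init only calls it
    HandleUserCtor() : offset(7) {}   // in_progress and buf stay indeterminate
    uint32_t offset;
    bool     in_progress;
    void    *buf;
};
// Storage pre-filled with 0xAA stands in for a heap block holding stale data, so a
// member the initialization rules leave untouched would keep the garbage pattern.
alignas(std::max_align_t) static unsigned char g_storage[64];
static void poison() { std::memset(g_storage, 0xAA, sizeof g_storage); }

// new T() on a type with no user-provided ctor: zero-initialization happens
// first, so every plain member reads back as 0 / false / nullptr.
bool value_init_zeroes_plain_members() {
    poison();
    HandleNoInit *h = new (g_storage) HandleNoInit();
    return h->offset == 0 && !h->in_progress && h->buf == nullptr;
}

// new T without parentheses on a type with default member initializers: the
// initializers apply however the object is created, so forgetting () is harmless.
bool default_member_init_needs_no_parens() {
    poison();
    HandleWithInit *h = new (g_storage) HandleWithInit;
    return h->offset == 0 && !h->in_progress && h->buf == nullptr;
}

// new T() on a type with a user-provided ctor: there is no zeroing step, the ctor
// alone decides what is set. Only offset is read here; the others are indeterminate.
bool user_ctor_is_not_zeroed_first() {
    poison();
    HandleUserCtor *h = new (g_storage) HandleUserCtor();
    return h->offset == 7;
}
```

The plain `new HandleNoInit` case (no parentheses, no initializers) is deliberately not exercised: reading its members is the undefined behaviour the PR removes, so there is nothing well-defined to assert on.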

@kyle-cypress

Author

kyle-cypress commented Nov 5, 2019

Greentea test results: greentea.txt
The hal-sleep and hal-sleep_manager are a known failure on Cypress targets.

Note: These tests were run with the changes from #11531 applied, because the kvstore tests do not run at all on Cypress targets without that PR. This PR is NOT dependent on #11531.

Contributor

VeijoPesonen left a comment

Looks good to me

@0xc0170
0xc0170 approved these changes Nov 6, 2019
@0xc0170 0xc0170 added needs: CI and removed needs: review labels Nov 6, 2019
@0xc0170

Member

0xc0170 commented Nov 6, 2019

CI started

@mbed-ci


mbed-ci commented Nov 6, 2019

Test run: SUCCESS

Summary: 11 of 11 test jobs passed
Build number : 1
Build artifacts

@0xc0170 0xc0170 added ready for merge and removed needs: CI labels Nov 7, 2019
@0xc0170 0xc0170 merged commit f079dce into ARMmbed:master Nov 7, 2019
26 checks passed
continuous-integration/jenkins/pr-head This commit looks good
continuous-integration/travis-ci/pr The Travis CI build passed
jenkins-ci/build-ARM Success
jenkins-ci/build-GCC_ARM Success
jenkins-ci/build-IAR Success
jenkins-ci/cloud-client-test Success
jenkins-ci/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(-72 bytes)
jenkins-ci/exporter Success
jenkins-ci/greentea-test Success
jenkins-ci/mbed2-build-ARM Success
jenkins-ci/mbed2-build-GCC_ARM Success
jenkins-ci/mbed2-build-IAR Success
jenkins-ci/unittests Success
travis-ci/astyle Success!
travis-ci/docs Success!
travis-ci/doxy-spellcheck Success!
travis-ci/events Success! Runtime is 8713 cycles.
travis-ci/gitattributestest Success!
travis-ci/include_check Success!
travis-ci/licence_check Success!
travis-ci/littlefs Success! Code size is 8420B.
travis-ci/psa-autogen Success!
travis-ci/tools-py2.7 Success!
travis-ci/tools-py3.5 Success!
travis-ci/tools-py3.6 Success!
travis-ci/tools-py3.7 Success!
6 participants