I've discover a bug in SHA2_finalize() when address zero is protected again read.
We are developing an application that run on FreeRTOS. To prevent bug and potential
attack we are using Restricted task (xTaskCreateRestricted()). Theses tasks can only access
their own data buffer and the memory zone 0x0 -> 0x4000 is protected again any access.
Sadly the function SHA2_finalize() in the file source\ti\drivers\sha2\SHA2MSP432E4.c
of the SimpleLink SDK has bug. This function dereference the SHA2_data pointer, which
is set to NULL. This cause an access to an protected memory zone and trigger an MPU exception.
the call stack is the following:
1: SHA2_finalize() set SHA2_data to NULL.
2: SHA2_finalize call SHA2_execAndWaitForFinished()
3: SHA2_execAndWaitForFinished() call SHA2_processData()
4: SHA2_processData() execute the following code
word = (*SHA2_data) << (bytesToMergeFromBuffer * 8);
5: MPU exception is triggered (SHA2_data = NULL)
I've work around the bug by setting SHA2_data to a memory zone that is accessible to
all task. But I believe the correct fix should be to skip the faulty operation when the
operation is SHA2_OperationType_Finalize.
How can submit a but report so that the next SimpleLink SDK does not has this issue?
-
Ask a related question
What is a related question?A related question is a question created from another question. When the related question is created, it will be automatically linked to the original question.