Image 0 did not work. We now get rid of bootloader_backup_irq_table and
do this manually: We may not write to address 0 while an image is
running. So for image 0 we write the lower 8 pages to the backup
address. For all other images (ony image 1 currently) we write to
*both*, the original address *and* the backup address. This is done
because some addresses in the lower 8 pages *are* used at the original
address and the bootloader doesn't (want to) know which addresses are
which.
There are more safeguards now: We refuse to write to the active or
boot_next image (if boot_next is not boot_default). We mark the uploaded
partition as not ok.
Needs latest bootloader with commit ID a5771ae033b57.
Also get rid of genbackupisr hack: We can achieve the same thing with
avr-objcopy which doesn't need additional software.
We use the new bootloader setting for irq-save area of 0x800.
Compatible with old bootloader. Adds an additional section with a copy
of the interrupt vector table to the end of the image. This is needed by
the new bootloader and should be ok for the old bootloader.
Note that for this to work, everybody needs python installed with
the IntelHex python package. On Linux this can be achieved with
pip install IntelHex
Introduce new testing-app example.
Add a new coap error code for blockwise transfer.
Add include-file for bootloader callbacks (jumptable).
Note that only the bootloader for osd-merkur-256 will support
OTA-update, the -128 simply has not enough flash memory, so only
in the -256 we have the bootloader functions in the jump-table
of the bootloader and in the bootloader-if.h include-file.
This commit implements address validation for the broker address in the MQTT configuration page of the CC26XX web demo example. Additionally, the Type ID, Org ID, Auth Token, Command Type and Event Type ID fields have quotes escaped (" -> ") to prevent XSS/broken page issues when displaying user-sourced input in HTML input fields.
This commit implements address validation for the broker address in the
MQTT configuration page. Additionally, the Type ID, Org ID, Auth Token,
Command Type and Event Type ID fields have quotes escaped (" -> ")
to prevent XSS issues when displaying user-sourced input.
The result of converting the IP address of the broker wasn't checked. As a result, the pointer was left uninitialised and the IPv6 address used for connecting was some random data. The function now returns an error. Before connect_to_broker is called, mqtt_register is executed, which memsets conn to 0, making its state 0 (MQTT_CONN_STATE_ERROR). In order to recover from this error state, the extra check was added in the MQTT_CLIENT_STATE_NEWCONFIG state.
This was discovered using [CodeSonar](https://www.grammatech.com/products/codesonar)
When a connection is aborted by the HTTP server while it's still being processed it is possible to hit a null pointer dereference issue by jumping back to a protothread (outputpt) after its httpd_state has been freed. This can be triggered by sending a POST to any form in the CC26xx web demo server using Firefox.
This patch prevents that by zeroing out httpd_state structs before freeing them, thus also clearing the httpd_state->outputpt field.
Tested using Firefox 55.0a1 on a CC2650 LaunchPad.
When UIP_ND6_SEND_NS is enabled, I've noticed that unreachable
neighbours still remains in REACHABLE state even if lifetime
(nbr->reachable) expired.
During network init 'tcpip_process' is scheduling
'uip_ds6_timer_periodic' is to tick every 100ms and make necessary
expirations.
When MAC addres is received from slip-radio (from 'etimer_process'
context), network is "reinitialized" and timer 'uip_ds6_timer_periodic'
is set again with wrong process.