by ESP_Angus
Wed Oct 18, 2017 7:57 am
Forum: ESP32 HDK
Topic: Weird WiFi behaviour
Replies: 2
Views: 48

Re: Weird WiFi behaviour

What ESP32 hardware (module, board, antenna, etc.) are you using?
by ESP_Angus
Wed Oct 18, 2017 6:52 am
Forum: General Discussion
Topic: Diagnosing heap corruption
Replies: 13
Views: 200

Re: Diagnosing heap corruption

The above messages are fairly reproducible, but which of the two cases in the docs do they indicate? The following two descriptions are very similar, I can't make out the difference. If an application crashes reading/writing an address related to 0xFEFEFEFE, this indicates it is reading heap memory...
by ESP_Angus
Wed Oct 18, 2017 2:38 am
Forum: General Discussion
Topic: gatt client - heap corruption
Replies: 5
Views: 66

Re: gatt client - heap corruption

OK. It looks like there are some hardware differences, for example one module has revision 0 silicon and the other has revision 1. This is almost certainly not the cause of the bug, but it may change timing around a tiny bit - making it enough to trigger on one module. Suggest following the steps at...
by ESP_Angus
Wed Oct 18, 2017 2:16 am
Forum: General Discussion
Topic: Diagnosing heap corruption
Replies: 13
Views: 200

Re: Diagnosing heap corruption

Ok, let's say I get an address of 0x1234. I add additional checks to heap_caps_check_integrity(0x1234) and recompile. What guarantees that the dynamic allocation of the overflown buffer places it in the same heap this time? No guarantee, it entirely depends on your code. If you see that heap corrupt...
by ESP_Angus
Tue Oct 17, 2017 10:42 am
Forum: General Discussion
Topic: gatt client - heap corruption
Replies: 5
Views: 66

Re: gatt client - heap corruption

Hi dhs2017, Are there any other differences between the two modules (ESP32 silicon revision, SPI flash type or size, etc?) Can you post the full log from both, please? There may be some hardware-specific differences which change the timing of the code, and cause the heap corruption bug to trigger. S...
by ESP_Angus
Tue Oct 17, 2017 8:25 am
Forum: ESP32 HDK
Topic: Module ground/thermal pads
Replies: 4
Views: 315

Re: Module ground/thermal pads

I spoke to some of our hardware engineers about this. The note in the ESP-WROOM32 datasheet stating that soldering the base pad (39) is not recommended is a translation error. More accurately, soldering this pad is not necessary. The datasheet will be updated. If the pad is soldered then it should b...
by ESP_Angus
Tue Oct 17, 2017 1:34 am
Forum: General Discussion
Topic: Diagnosing heap corruption
Replies: 13
Views: 200

Re: Diagnosing heap corruption

If I'm reading the docs correctly, by calling heap_caps_check_integrity_addr() I can check for out-of-bounds writes of any dynamically allocated memory area, including the buffer of std::vector<uint8_t>, retrieved via the data() method. Correct? That's right. This is a performance boost over checki...
by ESP_Angus
Mon Oct 16, 2017 1:34 pm
Forum: Report Bugs
Topic: WPA vulnerability KRACK
Replies: 2
Views: 208

Re: WPA vulnerability KRACK

Yes, please see here for details of (existing) patches:
viewtopic.php?f=13&p=15672#p15672

ESP8266 has also already been patched, and patched versions are already on github. An official announcement will be made on the relevant forum soon.
by ESP_Angus
Mon Oct 16, 2017 9:41 am
Forum: ESP32 SDK
Topic: WiFi WPA2 protocol vulnerabilities (VU#228519)
Replies: 5
Views: 1681

WiFi WPA2 protocol vulnerabilities (VU#228519)

(The CVEs and VU# mentioned here are under embargo at the respective sites for a couple more hours so the below links do not work, but the researcher has just released details of the attack which link to these vulnerability references, so we're reproducing them here.) See the official p...
by ESP_Angus
Mon Oct 16, 2017 7:57 am
Forum: General Discussion
Topic: Diagnosing heap corruption
Replies: 13
Views: 200

Re: Diagnosing heap corruption

Given a stack dump like the above, is there any way to get an initial clue to what static buffer or caller that it detected the corruption in, if you haven't added any calls to the diagnostic/integrity checking functions yet? That backtrack looks interesting, but what is it a trace of, I can't see t...