Scrub all public API calls to ensure that all input parameters are properly sanitized before use #300

Closed
skliper opened this issue Sep 30, 2019 · 5 comments

Comments

@skliper
Contributor

skliper commented Sep 30, 2019

As a matter of policy, all CFE function calls that are available for use by external apps or libraries (i.e. all headers in the fsw/cfe-core/src/inc subdirectory) should sanity-check their input values before using them.

During recent code reviews it was noted that at least two of these functions were missing a required range check, as noted in bug #299.

This task is to perform an additional review on the public API calls and ensure that proper input value sanitization is being performed.

@skliper skliper added this to the 6.7.1 milestone Sep 30, 2019
@skliper
Contributor Author

skliper commented Sep 30, 2019

Imported from trac issue 269. Created by jphickey on 2019-03-27T14:12:08, last modified: 2019-08-14T14:09:36

@skliper skliper self-assigned this Sep 30, 2019
@skliper
Contributor Author

skliper commented Sep 30, 2019

Trac comment by jhageman on 2019-04-01 16:19:55:

As part of this scrub also confirm failures are reported as errors, and unit testing adequately covers the failure cases.

Closing #273 as a duplicate of this effort (also somewhat a duplicate of #299).

@skliper
Contributor Author

skliper commented Sep 30, 2019

Trac comment by jhageman on 2019-07-03 12:48:08:

Moved unfinished 6.6.1 issues to next minor release

@dmknutsen
Contributor

I finished the API scrub. It is attached.
Also note that CFE_ES_SetAppState does not show up in the audit. That is because it is an internal function.
API_Audit_v2.xlsx

@skliper
Contributor Author

skliper commented Mar 16, 2020

See #546 #547 #548 #549

The API scrub effort was completed, resolution tickets written so no further action required on this ticket.

@skliper skliper closed this as completed Mar 16, 2020
@skliper skliper removed this from the 6.8.0 milestone May 12, 2020