cJSON_CreateIntArray(i_numbers, 0) causes a panic (IDFGH-5595) #7317

Closed
nopnop2002 opened this issue Jul 24, 2021 · 8 comments
Labels
Resolution: Done Issue is done internally Status: Done Issue is done internally


@nopnop2002

Environment

Core is ESP32@160Mhz
freeRTOS version:V10.2.1
NEWLIB version:3.3.0
lwIP version:2-1-3-0
ESP-IDF version:v4.4-dev-2184-g166c30e7b
package is ESP32D0WDQ6
cJSON_Version:1.7.14

Problem Description

cJSON_CreateIntArray(i_numbers, 1) doesn't cause a panic.
But cJSON_CreateIntArray(i_numbers, 0) causes a panic.

Expected Behavior

cJSON_CreateIntArray(i_numbers, 0) doesn't cause a panic.

Actual Behavior

cJSON_CreateIntArray(i_numbers, 0) causes a panic.

I (0) cpu_start: Starting scheduler on APP CPU.
I (330) JSON: Serialize.....
I (340) JSON: my_json_string
{
        "intArray":     [1, 11, 111]
}
Guru Meditation Error: Core  0 panic'ed (StoreProhibited). Exception was unhandled.

Core  0 register dump:
PC      : 0x400e738d  PS      : 0x00060130  A0      : 0x800d2562  A1      : 0x3ffb5900
0x400e738d: cJSON_CreateIntArray at /home/nop/esp-idf/components/json/cJSON/cJSON.c:2565

A2      : 0x3ffb7018  A3      : 0x00000000  A4      : 0x00000000  A5      : 0x00000000
A6      : 0x3ffb5920  A7      : 0x3ffb70c8  A8      : 0x00000000  A9      : 0x00000001
A10     : 0x3ffb7018  A11     : 0x00000000  A12     : 0x3f401c7c  A13     : 0x3ffb5900
A14     : 0x3ffb58e0  A15     : 0x0000000c  SAR     : 0x00000010  EXCCAUSE: 0x0000001d
EXCVADDR: 0x00000004  LBEG    : 0x4000c46c  LEND    : 0x4000c477  LCOUNT  : 0x00000000


Backtrace:0x400e738a:0x3ffb59000x400d255f:0x3ffb5920 0x400ebb3c:0x3ffb5950 0x400874f1:0x3ffb5970
0x400e738a: cJSON_CreateIntArray at /home/nop/esp-idf/components/json/cJSON/cJSON.c:2547 (discriminator 1)

0x400d255f: app_main at /home/nop/rtos/esp-idf-json/json-create-array-test/main/main.c:37

0x400ebb3c: main_task at /home/nop/esp-idf/components/freertos/port/port_common.c:142 (discriminator 2)

0x400874f1: vPortTaskWrapper at /home/nop/esp-idf/components/freertos/port/xtensa/port.c:168





ELF file SHA256: f85e81c078cc2294

My code

#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "esp_log.h"
#include "cJSON.h"

static const char *TAG = "JSON";

void app_main()
{
        ESP_LOGI(TAG, "Serialize.....");
        cJSON *root;
        root = cJSON_CreateObject();

        int i_numbers[3];
        i_numbers[0] = 1;
        i_numbers[1] = 11;
        i_numbers[2] = 111;
        cJSON *intArray;
        intArray = cJSON_CreateIntArray(i_numbers, 3);
        cJSON_AddItemToObject(root, "intArray", intArray);

        char *my_json_string = cJSON_Print(root);
        ESP_LOGI(TAG, "my_json_string\n%s",my_json_string);
        cJSON_Delete(root);

        // Buffers returned by cJSON_Print must be freed by the caller.
        // Please use the proper API (cJSON_free) rather than directly calling stdlib free.
        cJSON_free(my_json_string);

        cJSON *root2;
        root2 = cJSON_CreateObject();
        intArray = cJSON_CreateIntArray(i_numbers, 0);
        cJSON_AddItemToObject(root2, "intArray", intArray);

        char *my_json_string2 = cJSON_Print(root2);
        ESP_LOGI(TAG, "my_json_string\n%s",my_json_string2);
        cJSON_Delete(root2);

        // Buffers returned by cJSON_Print must be freed by the caller.
        // Please use the proper API (cJSON_free) rather than directly calling stdlib free.
        cJSON_free(my_json_string2);
}

Workaround

I can't think of it.

@espressif-bot espressif-bot added the Status: Opened Issue is new label Jul 24, 2021
@github-actions github-actions bot changed the title cJSON_CreateIntArray(i_numbers, 0) causes a panic cJSON_CreateIntArray(i_numbers, 0) causes a panic (IDFGH-5595) Jul 24, 2021
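
A pattern consistent with the register dump above, as an added example (not code from this issue, ESP-IDF or cJSON): a list builder that links the tail after its loop stores through a NULL pointer when the loop never runs. The `node` type, `array_len` and `create_int_array` are hypothetical stand-ins; on a 32-bit target a second pointer field such as `prev` sits at offset 4, which matches the reported EXCVADDR of 0x00000004.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical node type for this example; not cJSON's definition. */
typedef struct node {
    struct node *next;
    struct node *prev;   /* on the head element, points at the tail */
    struct node *child;  /* first element when the node is an array */
    int value;
} node;

static void free_list(node *a)
{
    node *c = a ? a->child : NULL;
    while (c) { node *nx = c->next; free(c); c = nx; }
    free(a);
}

/* Number of elements reachable from the array node. */
size_t array_len(const node *a)
{
    size_t len = 0;
    for (const node *c = a ? a->child : NULL; c; c = c->next) len++;
    return len;
}

/* checked == 0 reproduces the unguarded tail link; checked != 0 is hardened. */
node *create_int_array(const int *numbers, int count, int checked)
{
    node *a, *n = NULL, *p = NULL;

    if (count < 0 || numbers == NULL) return NULL;
    if ((a = calloc(1, sizeof *a)) == NULL) return NULL;

    for (size_t i = 0; i < (size_t)count; i++) {
        if ((n = calloc(1, sizeof *n)) == NULL) { free_list(a); return NULL; }
        n->value = numbers[i];
        if (i == 0) a->child = n;
        else { p->next = n; n->prev = p; }
        p = n;
    }
    if (checked) {
        if (a->child != NULL) a->child->prev = n;  /* skip when list is empty */
    } else {
        a->child->prev = n;  /* count == 0: child is NULL, store faults */
    }
    return a;
}
```

With `checked` set, a count of 0 yields an empty array instead of a fault. On an affected cJSON version a caller can apply the same guard one level up by calling `cJSON_CreateArray()` when the count is 0.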
@negativekelvin
Contributor

I think this is fixed in upstream cjson

@AxelLin
Contributor

AxelLin commented Jul 24, 2021

FYI:
The esp-idf master is using cJSON-v1.7.14 release, however there are NULL pointer dereference bug fixes after v1.7.14 release.
https://github.com/DaveGamble/cJSON/commits/master

@nopnop2002
Author

nopnop2002 commented Jul 24, 2021

Do I need to update the cJSON library myself?

Are you planning to replace the cJSON library included in esp-idf master with a new one?

@AxelLin
Contributor

AxelLin commented Jul 26, 2021

It's fixed by DaveGamble/cJSON@7b66457, the esp-idf needs an update.
I had reminded about this on 1 Feb (#6356 (comment)).

@nopnop2002
Author

@AxelLin

Thank you.

I hope the libraries included in esp-idf master will be updated with new ones.

@mahavirj
Member

@AxelLin @nopnop2002

Thanks for notifying us about this. But it appears that cJSON never had a release after 1.7.14, and we usually prefer stable upstream releases. We will check and create the required fix for this case.

@AxelLin
Contributor

AxelLin commented Aug 25, 2021

@mahavirj
FYI, https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15

@mahavirj
Member

@AxelLin Thanks for notifying. We will merge this soon.

@espressif-bot espressif-bot added Resolution: NA Issue resolution is unavailable Status: Done Issue is done internally Resolution: Done Issue is done internally and removed Status: In Progress Work is in progress Resolution: NA Issue resolution is unavailable labels Aug 27, 2021
espressif-bot pushed a commit that referenced this issue Sep 8, 2021
This update fixes NULL pointer dereference issues in previous release

Closes #7317
espressif-bot pushed a commit that referenced this issue Sep 10, 2021
This update fixes NULL pointer dereference issues in previous release

Closes #7317
espressif-bot pushed a commit that referenced this issue Sep 18, 2021
This update fixes NULL pointer dereference issues in previous release

Closes #7317
espressif-bot pushed a commit that referenced this issue Oct 12, 2021
This update fixes NULL pointer dereference issues in previous release

Closes #7317