Use after free bug in FreeRTOS+FAT 160919a
Market leading real time kernel for 40+ microcontroller architectures
Brought to you by:
gaurav-aws,
rtel
Version: FreeRTOS-Plus-FAT-160919a-MIT
In ff_file.c: FF_Close()
@ line 2970:
ffconfigFREE( pxFile ); if( FF_isERR( xError ) == pdFALSE ) { xError = FF_FlushCache( pxFile->pxIOManager ); /* Ensure all modified blocks are flushed to disk! */ }
Fix: move ffconfigFREE(...)
after the if
block.
Hi John,
Thank you for the proposal. CVE-2019-18178 has been addressed and the most recent code could be found here -- https://www.freertos.org/FreeRTOS-Labs/RTOS_labs_download.html.
Regards,