Search found 7 matches

by mendesgeo
Mon Sep 06, 2021 3:16 am
Forum: ESP-IDF
Topic: BrakTooth Vulnerability on ESP32 (Arbitrary Code Execution)
Replies: 5
Views: 5681

Re: BrakTooth Vulnerability on ESP32 (Arbitrary Code Execution)

jki131 wrote:
Sun Sep 05, 2021 7:42 pm
Is there any information on how the sniffer works? There is no source code for the ESP32 firmware in the GitHub repo.
Yes. Check again the repo. It was just updated.
by mendesgeo
Sat Sep 04, 2021 8:17 am
Forum: ESP-IDF
Topic: BrakTooth Vulnerability on ESP32 (Arbitrary Code Execution)
Replies: 5
Views: 5681

BrakTooth Vulnerability on ESP32 (Arbitrary Code Execution)

Dear all, Espressif has made available a patch for a BrakTooth Vulnerability which can trigger arbitrary code execution on ESP32 via Bluetooth Classic (BR/EDR) for those using Espressif dual mode stack or HCI-UART mode with a third-party stack. BrakTooth disclosure: https://asset-group.github.io/dis...
by mendesgeo
Mon Dec 14, 2020 2:00 pm
Forum: ESP-IDF
Topic: High Interrupt calling C function
Replies: 7
Views: 6418

Re: High Interrupt calling C function

We actually have something in progress for BT interrupts internally. Should make it to the master branch shortly. From what I can see, it just saves all 64 registers plus WINDOWBASE and WINDOWSTART and switches to a new stack. Whatever state the registers are in will be saved that way. By the way, ...
by mendesgeo
Mon Dec 14, 2020 1:27 pm
Forum: ESP-IDF
Topic: High Interrupt calling C function
Replies: 7
Views: 6418

Re: High Interrupt calling C function

We actually have something in progress for BT interrupts internally. Should make it to the master branch shortly. From what I can see, it just saves all 64 registers plus WINDOWBASE and WINDOWSTART and switches to a new stack. Whatever state the registers are in will be saved that way. Thank you, s...
by mendesgeo
Mon Dec 14, 2020 12:20 pm
Forum: ESP-IDF
Topic: High Interrupt calling C function
Replies: 7
Views: 6418

Re: High Interrupt calling C function

Actually, that's not entirely true. The crux of the issue is that a high-level interrupt can pre-empt a windowing exception, meaning the register stack can be in an unknown state. C code assumes it can happily use the windowed ABI and would corrupt it. Oh My God!!! Thank you so much for this answer...
by mendesgeo
Sun Dec 06, 2020 1:22 pm
Forum: ESP-IDF
Topic: High Interrupt calling C function
Replies: 7
Views: 6418

High Interrupt calling C function

Dear all, I've seen on the official Espressif Documentation and also some comments around that High interrupt is not usually used or cannot be used with C functions. Is there a reason why? Is it because of the DPORT workaround which sometimes causes the cores to hang?