username/esp32-hacking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

fix: Enable stack canaries, heap poisoning, WDT panic; remove dead code

Browse Source 
- CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y (buffer overflow detection)
- CONFIG_HEAP_POISONING_LIGHT=y (use-after-free/corruption detection)
- CONFIG_ESP_TASK_WDT_PANIC=y (auto-reboot on hung task)
- Remove unused #include "esp_now.h" (CVE-2025-52471 mitigation)
- Replace hardcoded default IP 192.168.129.11 with 0.0.0.0 in Kconfig
This commit is contained in:
user
2026-02-14 22:16:13 +01:00
parent 31724df63f
commit 0bcb5ddf0c
7 changed files with 27 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
TASKS.md
View File

@@ -51,8 +51,11 @@ Tracked separately in `~/git/esp32-web/TASKS.md`. Currently at v0.1.5.
### P1 - High
- [x] Test OTA rollback — crasher firmware flashed to amber-maple, bootloader rolled back to v1.11.0 (2026-02-14)
- [ ] Enable stack canaries: `CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y`
- [ ] Enable heap poisoning: `CONFIG_HEAP_POISONING_LIGHT=y`
- [x] Enable stack canaries: `CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y` (2026-02-14)
- [x] Enable heap poisoning: `CONFIG_HEAP_POISONING_LIGHT=y` (2026-02-14)
- [x] Enable WDT panic: `CONFIG_ESP_TASK_WDT_PANIC=y` (2026-02-14)
- [x] Remove unused `#include "esp_now.h"` (2026-02-14)
- [x] Remove hardcoded default IP from Kconfig (2026-02-14)
### P2 - Normal
- [ ] Tune presence threshold per room with real-world testing