Reject Zenoh payloads that exceed the expected uORB topic size plus
CDR header (4 bytes), or that are too small to contain a valid CDR
header. This prevents a stack overflow from crafted network input
where z_bytes_len(payload) controls a VLA allocation.
Fixes GHSA-69g4-hcqf-j45p
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Use logical OR (||) instead of AND (&&) in _workWrite() and _workBurst()
session validation, matching the correct logic already used in _workRead()
and _workTerminate(). The AND operator allowed operations to proceed with
an invalid session ID as long as a valid file descriptor existed.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Remove the old MAVLINK_FTP_UNIT_TEST infrastructure that has been dead
code for years (not enabled in any board config). This includes:
- src/modules/mavlink/mavlink_tests/ directory (test suite, CMakeLists)
- All #ifdef MAVLINK_FTP_UNIT_TEST blocks in mavlink_ftp.cpp
- set_unittest_worker() callback mechanism in mavlink_ftp.h
- Conditional uAvionix include in mavlink_bridge_header.h
The test suite will be ported to GTest as a follow-up.
Ref: https://github.com/PX4/PX4-Autopilot/issues/26738
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* docs(ekf2): clarify EKF2_HGT_REF param description
To me it was not obvious that with EKF2_GPS_CTRL=0 this altitude
initialisation based on GPS again does not apply.
* docs(ekf2): separate paragraph
Prevent potential stack overflow from symlink loops or deeply nested
directories by capping recursion to 3 levels. Also fixes dot-entry
skipping to use strcmp instead of prefix check, and deduplicates the
filepath construction.
* Applying PR #17084
* Comitting missing changes
* Adding incoming SETUP_SIGNING handling
* Adding proper message decoding for SETUP_SIGNING
* Adding persistance of sign key in chunks of 32 bits into parameters
* Allowing SETUP_SIGNING to be handled only on usb_uart
* Removing unused type and variable
* Changing the default for Mavlink Timestamp
* Fixing styling
* Merging
* Merging submodules
* Replacing parameters with sdcard storage for secured key and ts
* Fixing styles
* Isolating signing related items in separate class
* Adding new files
* Syncing with main
* Fixing styles
* Changing the signing logic to work only if key and ts properly initialized, adding store the ts on stop
* Updated submodules to latest versions
* Updated gz to proper version
* libfc-sensor-api to proper version
* libcanard to proper version
* Updated fuzztest to proper version
* Updated public_regulated_data_types to proper version
* Updated mip_sdk to proper version
* Updated pydronecan to proper version
* Updated rosidl to proper version
* Fixing styles
* Fixing cyclonedds version
* initializing sign control in the member declaration
* Update src/modules/mavlink/mavlink_main.h
Co-authored-by: Jacob Dahl <37091262+dakejahl@users.noreply.github.com>
* Fixing comments
* Fixing duplicate method
* Fixing defines
* Fixing styles
* Fixing the define errors
* replace duplicate logic with write_key_and_timestamp() function
* add docs
* Update docs/en/mavlink/message_signing.md
Co-authored-by: Julian Oes <julian@oes.ch>
* Update src/modules/mavlink/mavlink_sign_control.cpp
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* Update src/modules/mavlink/mavlink_sign_control.h
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* Update docs/en/mavlink/message_signing.md
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* rename to MAV_SIGN_CFG, fix copyright dates, fix docs SHA type, rename secrets file
* fix newlines
---------
Co-authored-by: Jacob Dahl <37091262+dakejahl@users.noreply.github.com>
Co-authored-by: Jacob Dahl <dahl.jakejacob@gmail.com>
Co-authored-by: Julian Oes <julian@oes.ch>
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
So transitions between stopped/not stopped respect the slew rate.
- Remove previous stopped motor handling in publish_actuator_controls
- Replace with handle_stopped_motors, called in Run() before slew
- Introduce ApplyNanToActuators in ControlAllocation to stop
- Refactor ice shedding slightly to fit new structure
On Linux targets with high-rate external sensor data (>1000Hz), all
sensor calibrations (gyro, accel, mag) can freeze PX4 by starving
other threads of CPU. Normal flight is unaffected — only calibration
triggers the problem.
Two compounding issues in the calibration worker threads:
1. calibrate_cancel_check() creates a new uORB::Subscription on every
call, which triggers getDeviceNodeLocked() — an O(n) linear strcmp
scan through all uORB nodes. In gyro/mag calibration this was called
on every sensor sample, consuming the majority of CPU in strcmp alone.
2. SubscriptionBlocking::updatedBlocking() returns immediately when data
is already available (it only blocks when no data is pending). With
continuous high-rate sensor data, the calibration loops never yield,
spinning at 100% CPU.
These problems are addressed with this patch as follows:
- Throttle calibrate_cancel_check() to once per 200ms in gyro
and mag calibration loops.
- Add 1ms px4_usleep() yield before updatedBlocking()/updateBlocking()
in all calibration loops (gyro, accel, mag, orientation detection).
This caps the effective loop rate at ~1000Hz — still far above what
calibration needs (250-750 samples).
- Force Commander main loop to sleep during calibration so it does not
compete with calibration worker threads for CPU.
Tested under Linux (x64, aarch64) both with RT and non-RT scheduling,
with sensor data arriving at ~3600Hz. Calibration completes normally
and no longer results in a deadlocked process.
In the CA_ICE_PERIOD param description, a '>' was at the start of a
line. This is interpredeted by markdown as a quotation type indented
block which applies not only to that line, but to all following ones.
Changing the line breaks to only occur after full stops fixes it.
* SIH: explicitly use local velocity for all aerodynamic calculations
no functional change
* SIH: add param & vars for wind and apparent vel
no functional change
* SIH: replace all relevant vels with apparent vel
Only places where _v_E is remaining:
- ecefToNed to calculate _v_N
- generate_rover_ackermann_dynamics
- equations_of_motion
- parameters_updated, init_variables
and _v_N:
- ecefToNed
- print_status
- publish_ground_truth
- generate_rover_ackermann_dynamics
- equations_of_motion
- parameters_updated, init_variables
which are all not relevant for aerodynamics.
* sih: wind review suggestions
* sih wind: switch direction to global wind source direction convention
* SIH: clean up variable declarations
* SIH: rename variables for consistency
* docs: SIH: document new wind parameters
* Release notes: note for SIH wind settings
---------
Co-authored-by: Matthias Grob <maetugr@gmail.com>
bresch