Commit Graph

29000 Commits

Author SHA1 Message Date
Jacob Dahl d04858efe0 fix(uavcan): silence DroneCAN DSDL compiler build warnings (#26757)
Fix Python DeprecationWarning for invalid escape sequence in pyratemp.py
and replace deprecated FindPythonInterp CMake module in libuavcan.
2026-03-16 14:49:21 -08:00
Jacob Dahl 0b2e554202 refactor(voxl_esc): pass vehicle_control_mode_s and led_control_s by const reference 2026-03-16 14:48:13 -08:00
Jacob Dahl 7d9484e7a6 refactor(flight_mode_manager): pass follow_target_s by const reference 2026-03-16 14:48:13 -08:00
Jacob Dahl 37745a97d3 refactor(navigator): pass PositionYawSetpoint and loiter_point_s by const reference 2026-03-16 14:48:13 -08:00
Jacob Dahl 6f7ae9b5e5 refactor(navigator): pass mission_s by const reference 2026-03-16 14:48:13 -08:00
Jacob Dahl 43174bbf39 refactor(navigator): pass mission_item_s by const reference 2026-03-16 14:48:13 -08:00
Jacob Dahl aba4bbb1ab refactor(fw_mode_manager): pass position_setpoint_s by const reference 2026-03-16 14:48:13 -08:00
Ege Kural 113853f631 fix(ci): enable clang-tidy bugprone-unhandled-self-assignment / cert-oop54-cpp (#26767)
Signed-off-by: kuralme <kuralme@protonmail.com>
2026-03-16 13:59:06 -08:00
Jacob Dahl 71e673bec2 fix(mc_rate_control): remove redundant uORB copy in rate setpoint path (#26755)
Subscription::update() already copies data into the destination buffer,
making the subsequent copy() call redundant. This eliminates an
unnecessary memcpy every cycle on the 400 Hz rate control loop.
2026-03-15 11:43:23 -08:00
Jonas Eschmann 6f023d4c23 bumping mc_raptor blob submodule (to include license) (#26750) 2026-03-14 13:51:42 -07:00
Matthias Grob 6b5147110b refactor(commander): remove needless parameter COM_KILL_DISARM (#26736) 2026-03-14 01:09:28 -08:00
Matthias Grob 576e336849 refactor(commander): remove useless parameter COM_FLT_PROFILE (#26735) 2026-03-14 01:07:34 -08:00
Matthias Grob 0e9d563570 fix(mavlink): limit ADSB transponder reporting to 5Hz to not spam the link (#26733)
Note that internally higher update rates are likely also not useful but this needs to be carefully checked with the interface. It seems like the ADSB driver keeps track of what to publish when which is not a scalable/well-testable solution.
2026-03-14 00:57:07 -08:00
Ramon Roche e303e4ccfb mavlink: log handler cleanup: remove unused filepath and opendir
- Use %*s in state_listing() to skip filepath that was parsed but never used
- Remove unused opendir()/closedir() in log_entry_from_id()

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 18:08:29 -07:00
Ramon Roche 616b25a280 mavlink: fix stack buffer overflow in log handler filepath parsing
- Size LogEntry.filepath to PX4_MAX_FILEPATH instead of hardcoded 60 bytes
- Add width specifier to sscanf calls to prevent buffer overflow
- Move platform defines from .cpp to .h for reuse
- Add static_assert to enforce scanf width < buffer size at compile time

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 18:08:29 -07:00
Drone-Lab 4820a7d936 fix(navigator): fix bug in DO_CHANGE_ALTITUDE
Co-authored-by: Nathaniel-hl <3181616004@qq.com>
2026-03-13 10:48:06 -08:00
Ramon Roche 73884312da fix(mavlink): remove all stale mavlink_tests references
The mavlink_tests module was deleted in 1009268d31 but several
references were left behind, breaking builds on all targets.

Removed:
- CMakeLists.txt: add_subdirectory(mavlink_tests)
- mavlink_ftp.cpp: #include of deleted mavlink_ftp_test.h
- mavlink_ftp.h: MavlinkFtpTest forward decl and friend class
- posix-configs/SITL/init/test/test_mavlink: dead init script
- sitl_tests.cmake: sitl-mavlink CTest target
- install-voxl.sh: px4-mavlink_tests symlink

Ref: https://github.com/PX4/PX4-Autopilot/issues/26738
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 10:49:02 -07:00
bresch cdcdd1096f fix(ekf2): add missing in_transition flag 2026-03-13 17:46:31 +01:00
bresch acab9fdceb chore(ekf2): update change indicator
Initialization slightly changes as no zero innovation update is used
anymore
2026-03-13 17:46:31 +01:00
bresch 074e787a91 feat(ekf2): remove zero innovation heading update
This is no longer necessary with the heading observability check
2026-03-13 17:46:31 +01:00
bresch 643c6fec24 feat(ekf2): clear heading correlation with other states when not observable 2026-03-13 17:46:31 +01:00
Ramon Roche 2d79b9ea38 fix(zenoh): validate payload size before stack allocation
Reject Zenoh payloads that exceed the expected uORB topic size plus
CDR header (4 bytes), or that are too small to contain a valid CDR
header. This prevents a stack overflow from crafted network input
where z_bytes_len(payload) controls a VLA allocation.

Fixes GHSA-69g4-hcqf-j45p

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:39:05 -07:00
Ramon Roche afd327b322 fix(mavlink): correct session validation in FTP write and burst operations
Use logical OR (||) instead of AND (&&) in _workWrite() and _workBurst()
session validation, matching the correct logic already used in _workRead()
and _workTerminate(). The AND operator allowed operations to proceed with
an invalid session ID as long as a valid file descriptor existed.

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:34:27 -07:00
Ramon Roche 1009268d31 refactor(mavlink): remove dead FTP unit test code
Remove the old MAVLINK_FTP_UNIT_TEST infrastructure that has been dead
code for years (not enabled in any board config). This includes:

- src/modules/mavlink/mavlink_tests/ directory (test suite, CMakeLists)
- All #ifdef MAVLINK_FTP_UNIT_TEST blocks in mavlink_ftp.cpp
- set_unittest_worker() callback mechanism in mavlink_ftp.h
- Conditional uAvionix include in mavlink_bridge_header.h

The test suite will be ported to GTest as a follow-up.

Ref: https://github.com/PX4/PX4-Autopilot/issues/26738
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:31:20 -07:00
Ramon Roche 4e6e2c059c fix(mavlink): reject path traversal sequences in FTP operations
Add _validatePath() that rejects paths containing ".." components,
preventing directory traversal outside the FTP root directory.
Applied to all FTP operation handlers (list, open, remove, truncate,
rename, mkdir, rmdir, CRC32).

Fixes GHSA-fh32-qxj9-x32f, GHSA-pm28-2j4f-8jxv

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:31:20 -07:00
Ramon Roche 3f04b7a95a fix(tattu_can): validate CAN frame bounds before buffer copy
Add bounds checking in the CAN frame assembly loop to prevent a buffer
overflow when copying payloads into the Tattu12SBatteryMessage struct.
A crafted CAN frame with a corrupt payload_size could write past the
48-byte struct boundary. Also guard against payload_size of 0 which
would cause an unsigned integer underflow on the size_t subtraction.

Fixes GHSA-wxwm-xmx9-hr32

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:16:01 -07:00
Ramon Roche bf4fac7e61 fix(crsf_rc): validate variable-length packet size before buffer copy
Variable-length known packet types (CRSF_PACKET_TYPE_ELRS_STATUS,
CRSF_PACKET_TYPE_LINK_STATISTICS_TX, CRSF_PACKET_TYPE_MSP_WRITE)
bypassed the bounds check that exists for unknown packets. A crafted
packet with a large size field could overflow the 64-byte process_buffer
during QueueBuffer_PeekBuffer() in the CRC state.

Apply the same CRSF_MAX_PACKET_LEN bounds check to variable-length
known packets that already exists for unknown packets.

Fixes GHSA-mqgj-hh4g-fg5p

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:13:06 -07:00
Ramon Roche e8e86a2e0f fix(telemetry/bst): validate reply length and dev_name_len before use
Reject replies with length >= sizeof(BSTPacket) to prevent OOB read
in CRC calculation. Clamp dev_name_len to buffer size to prevent OOB
write during null termination.

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-13 09:12:40 -07:00
Ege Kural 4a33fb169f fix(ci): enable clang-tidy bugprone-macro-parentheses (#26722)
Signed-off-by: kuralme <kuralme@protonmail.com>
2026-03-12 12:42:07 -08:00
Ramon Roche 3ed2f23d9c fix(build): resolve Dependabot security alerts (#26729)
Fix 4 Dependabot alerts:
- CVE-2021-34141: remove duplicate vulnerable numpy==1.21.5 pin
- markdown-it ReDoS (>= 13.0.0, < 14.1.1): add yarn resolution to 14.1.1
- preact JSON VNode injection: resolved by yarn upgrade to 10.29.0
- esbuild dev server request leak (<= 0.24.2): add yarn resolution to 0.25.0

Signed-off-by: Ramon Roche <mrpollo@gmail.com>
2026-03-12 12:40:35 -07:00
Balduin ab6c9b7909 docs(ekf2): clarify EKF2_HGT_REF param description (#26725)
* docs(ekf2): clarify EKF2_HGT_REF param description

To me it was not obvious that with EKF2_GPS_CTRL=0 this altitude
initialisation based on GPS again does not apply.

* docs(ekf2): separate paragraph
2026-03-12 11:30:22 -08:00
Matthias Grob 7b3fe3478b ESC check cleanup 2026-03-12 18:30:51 +01:00
ttechnick 7aa28de922 ESC check: use constants for ESC timeout 2026-03-12 18:30:51 +01:00
Matthias Grob a9461c4d1a escCheck: Change MOTFAIL_TIME unit to seconds for better UX 2026-03-12 18:30:51 +01:00
Matthias Grob fb9f8d1835 escCheck: remove thrust threshold above which current model applies
The newer upper lower bound offset current model should apply more accurately and not require a lower bount for thrust where there's no detection.
2026-03-12 18:30:51 +01:00
Matthias Grob 6361b4cd7e Unify motor function mapping checks to only depend on the interface 2026-03-12 18:30:51 +01:00
Matthias Grob 8bb82c70ee escCheck: structure suggestions 2026-03-12 18:30:51 +01:00
Matthias Grob 0071699348 HealthChecks: correct indentation for EVENT metadata 2026-03-12 18:30:51 +01:00
Matthias Grob 54df6d64a6 Commander: move FD_ACT_EN to esc check 2026-03-12 18:30:51 +01:00
Matthias Grob 7207c34c5b Commander: avoid leaking health checks into failure detector 2026-03-12 18:30:51 +01:00
Matthias Grob 8bafcfbac7 Rename parameters file for ESC checks 2026-03-12 18:30:51 +01:00
Matthias Grob 2ff83e7e7c escCheck: rename MOTFAIL_TOUT -> MOTFAIL_TIME and further cleanup 2026-03-12 18:30:51 +01:00
Matthias Grob 035ccc8395 FailureDetector: disarm again with ESC failures during spoolup 2026-03-12 18:30:51 +01:00
Matthias Grob 7d84911668 FailureDetector: remove obsolete subscriptions 2026-03-12 18:30:51 +01:00
ttechnick 4e279b16c2 uavcan: optimization and edge cases 2026-03-12 18:30:51 +01:00
ttechnick c5652b2084 escChecks: param reorg
Reorganise parameters
fix esc & motor indices
set failsafe flags
2026-03-12 18:30:51 +01:00
ttechnick 03fc051c29 uavcan:fix check 2026-03-12 18:30:51 +01:00
ttechnick 96c5c7ba02 work on: feed back checks to commander 2026-03-12 18:30:51 +01:00
ttechnick e9874b6f05 ensure motor faults are cleared 2026-03-12 18:30:51 +01:00
ttechnick 15f5a18629 uavcan: cleanup 2026-03-12 18:30:51 +01:00