Ramon Roche 2d79b9ea38 fix(zenoh): validate payload size before stack allocation ...

Reject Zenoh payloads that exceed the expected uORB topic size plus
CDR header (4 bytes), or that are too small to contain a valid CDR
header. This prevents a stack overflow from crafted network input
where z_bytes_len(payload) controls a VLA allocation.

Fixes GHSA-69g4-hcqf-j45p

Signed-off-by: Ramon Roche <mrpollo@gmail.com>

2026-03-13 09:39:05 -07:00

..

publishers

Zenoh: Improve out-of-memory behaviour

2025-11-21 10:10:32 -09:00

subscribers

fix(zenoh): validate payload size before stack allocation

2026-03-13 09:39:05 -07:00

zenoh-pico @ 6ec4dc1995

Zenoh: Update zenoh-pico library

2025-11-21 10:10:32 -09:00

CMakeLists.txt

Zenoh: Improve out-of-memory behaviour

2025-11-21 10:10:32 -09:00

dds_topics.yaml

ekf2: update logger, mavlink, DDS, and replay for AuxGlobalPosition

2026-02-20 17:43:45 +01:00

default_topics.c.em

zenoh: fix default config topic type to use actual uORB topic name (#26564)

2026-03-05 17:32:14 -09:00

Kconfig

zenoh: Add support for ROS2 Humble and earlier (#26619)

2026-03-04 10:00:58 -09:00

Kconfig.topics

boards: update all NuttX defconfigs

2025-11-10 01:06:31 -05:00

module.yaml

docs: Zenoh middleware guide (#25737)

2025-10-16 20:48:12 +11:00

rmw_attachment.h

Zenoh: cleanup and review

2025-08-22 08:22:59 +02:00

zenoh_config.cpp

Add an explicatory comment to Zenoh publisher's handling of the uOrb topic number (or lack thereof)

2025-08-22 08:22:59 +02:00

zenoh_config.hpp

Implement instance selection & pub/sub deletion for Zenoh

2025-08-22 08:22:59 +02:00

zenoh_params.c

Implement Domain id parameter and move gid to zenoh

2025-08-22 08:22:59 +02:00

zenoh.cpp

zenoh: Add support for ROS2 Humble and earlier (#26619)

2026-03-04 10:00:58 -09:00

zenoh.h

module_base: remove CRTP template pattern to reduce flash bloat (#26476)

2026-02-19 15:17:17 +13:00