orbisai0security opened a new pull request, #18881: URL: https://github.com/apache/nuttx/pull/18881
## Summary

Fix critical severity security issue in `tools/jlink-nuttx.c`.

## Vulnerability

| Field | Value |
|-------|-------|
| **ID** | V-004 |
| **Severity** | CRITICAL |
| **Scanner** | multi_agent_ai |
| **Rule** | `V-004` |
| **File** | `tools/jlink-nuttx.c:50` |

**Description**: The JLink debug plugin contains two distinct memory safety defects. First, at line 366, REALLOC(priv->pidhash, ...) assigns the result directly to priv->pidhash — the classic realloc-NULL bug. If realloc returns NULL due to allocation failure, the original pointer is overwritten with NULL, losing the reference to previously allocated memory (memory leak) and causing a NULL dereference on the next access. Second, at line 375, the return value of REALLOC for priv->regsaddr is discarded entirely, meaning the old pointer is retained even if memory was moved, creating a dangling pointer (use-after-free). The FREE macro does not null the pointer after freeing, enabling use-after-free if the pointer is accessed again.

## Changes

- `tools/jlink-nuttx.c`

## Verification

- [x] Build passes
- [x] Scanner re-scan confirms fix
- [x] LLM code review passed

---

*Automated security fix by [OrbisAI Security](https://orbisappsec.com)*

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at: [email protected]
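The realloc handling the description refers to, shown as an added example; it is not code from the pull request or from `tools/jlink-nuttx.c`. The names `grow_array`, `free_and_clear` and `failing_realloc` are hypothetical, and the plugin's `REALLOC`/`FREE` macros are replaced here by plain `realloc`/`free` behind an injectable hook so that an allocation failure can be simulated.

```c
#include <stdint.h>
#include <stdlib.h>
/* Hypothetical allocator hook so the demo can simulate failure. */
typedef void *(*realloc_fn)(void *, size_t);

static void *failing_realloc(void *p, size_t n)
{
  (void)p; (void)n;
  return NULL;
}

/* Resize *bufp to count elements. Returns 0 on success, -1 on failure;
 * on failure *bufp still points at the old, valid block. */
static int grow_array(void **bufp, size_t count, size_t elem_size, realloc_fn ra)
{
  void *tmp;
  if (count == 0 || elem_size == 0 || count > SIZE_MAX / elem_size)
    return -1;                /* zero-size request or size overflow */
  tmp = ra(*bufp, count * elem_size);
  if (tmp == NULL)
    return -1;                /* keep the old pointer: no leak, no NULL */
  *bufp = tmp;                /* block may have moved: always store it */
  return 0;
}

/* Free and clear, so a stale pointer cannot be reused or freed twice. */
static void free_and_clear(void **bufp)
{
  free(*bufp);
  *bufp = NULL;
}

/* Constructed scenario; returns 1 when every property holds. */
static int demo(void)
{
  void *buf = NULL, *before;
  if (grow_array(&buf, 4, sizeof(uint32_t), realloc) != 0) return 0;
  ((uint32_t *)buf)[3] = 0xC0FFEEu;
  before = buf;
  if (grow_array(&buf, 1024, sizeof(uint32_t), failing_realloc) != -1) return 0;
  if (buf != before || ((uint32_t *)buf)[3] != 0xC0FFEEu) return 0;
  if (grow_array(&buf, SIZE_MAX, sizeof(uint32_t), realloc) != -1) return 0;
  if (grow_array(&buf, 1024, sizeof(uint32_t), realloc) != 0) return 0;
  if (((uint32_t *)buf)[3] != 0xC0FFEEu) return 0;
  free_and_clear(&buf);
  return buf == NULL;
}

int main(void) { return demo() ? 0 : 1; }
```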
