Move user-controlled GitHub Actions context expressions
(github.event.pull_request.head.ref, head.repo.full_name,
pull_request.number, event.action) from direct interpolation
in run: blocks to env: variables.
Direct interpolation of these values in shell scripts allows
attackers to inject arbitrary commands via crafted branch names
under pull_request_target, which runs in the base repo context.
Using env: variables ensures values are treated as literal
strings by the shell, preventing command injection.
Ref: https://securitylab.github.com/research/github-actions-untrusted-input/
Reported-by: Wilson Cyber Research (@sourcecodereviewer)
Security: expression-injection
Add functional description comment blocks to 5 test case files that
were missing them, following the format specified in issue #10895:
- mm/mm_memblock_tc.c: memory block management tests
- mm/rt_ioremap.c: I/O remap tests
- lwp/condvar_broadcast_tc.c: condition variable broadcast tests
- lwp/condvar_signal_tc.c: condition variable signal tests
- lwp/condvar_timedwait_tc.c: condition variable timed wait tests
Closes#10895 (partial)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
[Problem Description]
In the dlmodule_load_shared_object function,
if a module loading fails once due to an unresolved symbol,
all subsequent attempts to load any module will fail.
The system becomes unable to load modules correctly until a reboot.
[Problem Analysis]
The root cause is that the variable unsolved is defined as static.
Static variables retain their value between function calls.
If a relocation error occurs, unsolved is set to RT_TRUE.
However, when the function returns with an error, the value of unsolved is not reset.
Consequently, on the next function call, unsolved remains RT_TRUE from the previous execution.
This causes the check if (unsolved) to trigger immediately (or after the loop),
forcing the function to return an error regardless of whether the current module is valid or not.
[Solution]
Reset the unsolved variable to RT_FALSE before returning the error code -RT_ERROR.
This ensures the variable is in a clean state for the next function call, preventing state leakage between invocations.
Signed-off-by: Liu Gui <kenneth.liu@sophgo.com>
- Accumulate short reads, mark finishing on EOF
- Track begin/end callback states and cleanup on error paths
- Add ACK handling with retry/error counting in send flow
- Implement _noncache() and _cache() function features;
- Correct rt_hw_mmu_setup function for NORMAL_NOCACHE_MEM type property configuration;
- Update C908/C906 PTE macro definition configuration;
The POSIX mq_send() function currently passes timeout=0 to
rt_mq_send_wait_prio(), causing it to return immediately when the
queue is full instead of blocking as required by POSIX.1-2017.
This patch:
1. Changes mq_send() to use RT_WAITING_FOREVER for blocking behavior
2. Implements mq_timedsend() properly with timeout support
3. Fixes errno mapping for different error conditions
Reference: POSIX.1-2017 mq_send(3p):
"If the specified message queue is full, mq_send() shall block until
space becomes available to enqueue the message, or until mq_send()
is interrupted by a signal."
Fixes: https://github.com/RT-Thread/rt-thread/issues/11196
Signed-off-by: hzt <3061613175@qq.com>
