AzureRTOS/ThreadX cmsis-os wrapper potential NULL pointer references

Bob S · ‎2025-08-22

The Cube-AZRTOS bundles cmsis_os2.c implementation has potential NULL pointer dereferences. There are many lines of the form:

if (( attr->cm_mem == NULL) || (attr == NULL))

in code that attempts to recover and de-allocate memory from a "create" call that failed. The order of comparisons should be reversed:

if ((attr == NULL) || (attr->cb_mem == NULL))

This happens for different structure members, not just the cb_mem.

I've checked the F4 version 1.1 ZIP file and github repo, as well as the github H7 repo and they both have this issue. I suspect all versions do.

MOBEJ · ‎2025-08-28

Hello @Bob S ,

Thanks again for reporting this behavior. I've escalated this to the concerned team for update on the future (under internal ticket number 216461).

Best Regards.

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.