Go to file
Brian 9004e7bd77 Add CodeQL Workflow for Code Security Analysis
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>
2024-02-19 20:03:32 +01:00
.github/workflows Add CodeQL Workflow for Code Security Analysis 2024-02-19 20:03:32 +01:00
.vscode vscode: fix debugging on windows 2022-03-25 21:29:31 +01:00
contrib contrib: fixed c++ compatibility of unix port 2024-02-19 18:04:02 +01:00
doc next release will probably be 2.2.1... 2023-09-27 20:38:41 +02:00
src Fixed netdb.c when LWIP_SOCKET_HAVE_SA_LEN == 0 2024-02-19 18:13:28 +01:00
test test: Fix speling issues 2023-10-14 17:51:01 +02:00
.gitattributes Update gitattributes after travis removal 2021-11-28 20:56:37 +01:00
.gitignore Ignore vim swap files 2023-10-14 18:10:30 +02:00
BUILDING some documentation fixes after merging contrib and example apps 2022-12-22 21:42:42 +01:00
CHANGELOG nd6: Update RA link-local addr option length check 2023-09-28 22:23:25 +02:00
CMakeLists.txt List supported build types in top-level CMakeLists.txt 2018-11-26 09:26:37 +01:00
codespell_changed_files.sh codespell: change file names, add possibility to write changes 2020-02-15 21:45:22 +01:00
codespell_check.sh src/core: Fix speling issues 2023-10-14 18:16:49 +02:00
COPYING Clean up COPYING 2020-12-05 09:48:51 +01:00
FEATURES Add ACD to several documents 2018-10-04 21:13:32 +02:00
FILES Add contrib subdir to FILES 2018-10-02 13:15:41 +02:00
README README: Update CI link 2021-11-27 21:09:06 +01:00
UPGRADING UPGRADING: added a not about merging contrib 2022-12-22 22:07:16 +01:00

INTRODUCTION

lwIP is a small independent implementation of the TCP/IP protocol suite.

The focus of the lwIP TCP/IP implementation is to reduce the RAM usage
while still having a full scale TCP. This making lwIP suitable for use
in embedded systems with tens of kilobytes of free RAM and room for
around 40 kilobytes of code ROM.

lwIP was originally developed by Adam Dunkels at the Computer and Networks
Architectures (CNA) lab at the Swedish Institute of Computer Science (SICS)
and is now developed and maintained by a worldwide network of developers.

FEATURES

  * IP (Internet Protocol, IPv4 and IPv6) including packet forwarding over
    multiple network interfaces
  * ICMP (Internet Control Message Protocol) for network maintenance and debugging
  * IGMP (Internet Group Management Protocol) for multicast traffic management
  * MLD (Multicast listener discovery for IPv6). Aims to be compliant with
    RFC 2710. No support for MLDv2
  * ND (Neighbor discovery and stateless address autoconfiguration for IPv6).
    Aims to be compliant with RFC 4861 (Neighbor discovery) and RFC 4862
    (Address autoconfiguration)
  * DHCP, AutoIP/APIPA (Zeroconf), ACD (Address Conflict Detection)
    and (stateless) DHCPv6
  * UDP (User Datagram Protocol) including experimental UDP-lite extensions
  * TCP (Transmission Control Protocol) with congestion control, RTT estimation
    fast recovery/fast retransmit and sending SACKs
  * raw/native API for enhanced performance
  * Optional Berkeley-like socket API
  * TLS: optional layered TCP ("altcp") for nearly transparent TLS for any
    TCP-based protocol (ported to mbedTLS) (see changelog for more info)
  * PPPoS and PPPoE (Point-to-point protocol over Serial/Ethernet)
  * DNS (Domain name resolver incl. mDNS)
  * 6LoWPAN (via IEEE 802.15.4, BLE or ZEP)


APPLICATIONS

  * HTTP server with SSI and CGI (HTTPS via altcp)
  * SNMPv2c agent with MIB compiler (Simple Network Management Protocol), v3 via altcp
  * SNTP (Simple network time protocol)
  * NetBIOS name service responder
  * MDNS (Multicast DNS) responder
  * iPerf server implementation
  * MQTT client (TLS support via altcp)


LICENSE

lwIP is freely available under a BSD license.


DEVELOPMENT

lwIP has grown into an excellent TCP/IP stack for embedded devices,
and developers using the stack often submit bug fixes, improvements,
and additions to the stack to further increase its usefulness.

Development of lwIP is hosted on Savannah, a central point for
software development, maintenance and distribution. Everyone can
help improve lwIP by use of Savannah's interface, Git and the
mailing list. A core team of developers will commit changes to the
Git source tree.

The lwIP TCP/IP stack is maintained in the 'src' directory and
contributions (such as platform ports and applications) are in
the 'contrib' directory.

See doc/savannah.txt for details on Git server access for users and
developers.

The current Git tree is web-browsable:
  https://git.savannah.gnu.org/cgit/lwip.git

Submit patches and bugs via the lwIP project page:
  https://savannah.nongnu.org/projects/lwip/

Continuous integration builds (GCC, clang):
  https://github.com/lwip-tcpip/lwip/actions


DOCUMENTATION

Self documentation of the source code is regularly extracted from the current
Git sources and is available from this web page:
  https://www.nongnu.org/lwip/

Also, there are mailing lists you can subscribe at
  https://savannah.nongnu.org/mail/?group=lwip
plus searchable archives:
  https://lists.nongnu.org/archive/html/lwip-users/
  https://lists.nongnu.org/archive/html/lwip-devel/

There is a wiki about lwIP at
  https://lwip.wikia.com/wiki/LwIP_Wiki
You might get questions answered there, but unfortunately, it is not as
well maintained as it should be.

lwIP was originally written by Adam Dunkels:
  http://dunkels.com/adam/

Reading Adam's papers, the files in docs/, browsing the source code
documentation and browsing the mailing list archives is a good way to
become familiar with the design of lwIP.

Adam Dunkels <adam@sics.se>
Leon Woestenberg <leon.woestenberg@gmx.net>