Skip to content

Commit

Permalink
dlt-user: fix crash with certain strings (#463)
Browse files Browse the repository at this point in the history
make sure that a string with exactly UINT16_MAX bytes does not
overflow the dlt buffer

Signed-off-by: Alexander Mohr <[email protected]>
  • Loading branch information
alexmohr authored Apr 17, 2023
1 parent fae02b4 commit 9a2312d
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions src/lib/dlt_user.c
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ static void dlt_user_trace_network_segmented_thread_segmenter(s_segmented_data *
#endif

static DltReturnValue dlt_user_log_write_string_utils_attr(DltContextData *log, const char *text, const enum StringType type, const char *name, bool with_var_info);
static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData *log, const char *text, uint16_t length, const enum StringType type, const char *name, bool with_var_info);
static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData *log, const char *text, size_t length, const enum StringType type, const char *name, bool with_var_info);


static DltReturnValue dlt_unregister_app_util(bool force_sending_messages);
Expand Down Expand Up @@ -2606,7 +2606,7 @@ DltReturnValue dlt_user_log_write_sized_constant_utf8_string_attr(DltContextData
return is_verbose_mode(dlt_user.verbose_mode, log) ? dlt_user_log_write_sized_utf8_string_attr(log, text, length, name) : DLT_RETURN_OK;
}

static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData *log, const char *text, uint16_t length, const enum StringType type, const char *name, bool with_var_info)
static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData *log, const char *text, size_t length, const enum StringType type, const char *name, bool with_var_info)
{
if ((log == NULL) || (text == NULL))
return DLT_RETURN_WRONG_PARAMETER;
Expand All @@ -2618,7 +2618,7 @@ static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData

const uint16_t name_size = (name != NULL) ? strlen(name)+1 : 0;

uint16_t arg_size = (uint16_t) (length + 1);
size_t arg_size = (size_t) (length + 1);

size_t new_log_size = log->size + arg_size + sizeof(uint16_t);

Expand All @@ -2643,13 +2643,13 @@ static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData
ret = DLT_RETURN_USER_BUFFER_FULL;

/* Re-calculate arg_size */
arg_size = (uint16_t) (dlt_user.log_buf_len - log->size - sizeof(uint16_t));
arg_size = (size_t) (dlt_user.log_buf_len - log->size - sizeof(uint16_t));

size_t min_payload_str_truncate_msg = log->size + str_truncate_message_length + sizeof(uint16_t);

if (is_verbose_mode(dlt_user.verbose_mode, log)) {
min_payload_str_truncate_msg += sizeof(uint32_t);
arg_size -= (uint16_t) sizeof(uint32_t);
arg_size -= (size_t) sizeof(uint32_t);
if (with_var_info) {
min_payload_str_truncate_msg += sizeof(uint16_t) + name_size;
arg_size -= sizeof(uint16_t) + name_size;
Expand Down Expand Up @@ -2687,7 +2687,7 @@ static DltReturnValue dlt_user_log_write_sized_string_utils_attr(DltContextData
}

max_payload_str_msg -= reduce_size;
arg_size -= (uint16_t) reduce_size;
arg_size -= (size_t) reduce_size;
}
}

Expand Down Expand Up @@ -2766,7 +2766,7 @@ static DltReturnValue dlt_user_log_write_string_utils_attr(DltContextData *log,
if ((log == NULL) || (text == NULL))
return DLT_RETURN_WRONG_PARAMETER;

uint16_t length = (uint16_t) strlen(text);
size_t length = strlen(text);
return dlt_user_log_write_sized_string_utils_attr(log, text, length, type, name, with_var_info);
}

Expand Down Expand Up @@ -3276,7 +3276,7 @@ DltReturnValue dlt_user_trace_network_segmented(DltContext *handle,
return DLT_RETURN_ERROR;

/* Send as normal trace if possible */
if (header_len + payload_len + (uint16_t) sizeof(uint16_t) < dlt_user.log_buf_len)
if (header_len + payload_len + sizeof(uint16_t) < dlt_user.log_buf_len)
return dlt_user_trace_network(handle, nw_trace_type, header_len, header, payload_len, payload);

/* Allocate Memory */
Expand Down Expand Up @@ -3406,7 +3406,7 @@ DltReturnValue dlt_user_trace_network_truncated(DltContext *handle,
header_len = 0;

/* If truncation is allowed, check if we must do it */
if ((allow_truncate > 0) && ((header_len + payload_len + (uint16_t) sizeof(uint16_t)) > dlt_user.log_buf_len)) {
if ((allow_truncate > 0) && ((header_len + payload_len + sizeof(uint16_t)) > dlt_user.log_buf_len)) {
/* Identify as truncated */
if (dlt_user_log_write_string(&log, DLT_TRACE_NW_TRUNCATED) < DLT_RETURN_OK) {
dlt_user_free_buffer(&(log.buffer));
Expand Down

0 comments on commit 9a2312d

Please sign in to comment.