From 2169120db1c8fd4e25babf5e4e68d99fc7ecb135 Mon Sep 17 00:00:00 2001 From: Vivien Nicolas Date: Wed, 8 Mar 2023 00:50:52 +0100 Subject: [PATCH] [chip-tool] Add some missing null checks (#25535) --- .../chip-tool/commands/clusters/ComplexArgument.h | 15 +++++++++++++-- .../commands/interactive/InteractiveCommands.cpp | 4 ++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/examples/chip-tool/commands/clusters/ComplexArgument.h b/examples/chip-tool/commands/clusters/ComplexArgument.h index 37a219325d66f2..7705ba50369a59 100644 --- a/examples/chip-tool/commands/clusters/ComplexArgument.h +++ b/examples/chip-tool/commands/clusters/ComplexArgument.h @@ -45,7 +45,7 @@ #include "JsonParser.h" -constexpr uint8_t kMaxLabelLength = 100; +constexpr uint8_t kMaxLabelLength = UINT8_MAX; constexpr const char kNullString[] = "null"; class ComplexArgumentParser @@ -168,12 +168,19 @@ class ComplexArgumentParser } auto content = static_cast::type *>(chip::Platform::MemoryCalloc(value.size(), sizeof(T))); + VerifyOrReturnError(content != nullptr, CHIP_ERROR_NO_MEMORY); Json::ArrayIndex size = value.size(); for (Json::ArrayIndex i = 0; i < size; i++) { char labelWithIndex[kMaxLabelLength]; - snprintf(labelWithIndex, sizeof(labelWithIndex), "%s[%d]", label, i); + // GCC 7.0.1 has introduced some new warnings for snprintf (-Werror=format-truncation) by default. + // This is not particularly useful when using snprintf and especially in this context, so in order + // to disable the warning the %s is constrained to be of max length: (254 - 11 - 2) where: + // - 254 is kMaxLabelLength - 1 (for null) + // - 11 is the maximum length of a %d (-2147483648, 2147483647) + // - 2 is the length for the "[" and "]" characters. + snprintf(labelWithIndex, sizeof(labelWithIndex), "%.241s[%d]", label, i); ReturnErrorOnFailure(ComplexArgumentParser::Setup(labelWithIndex, content[i], value[i])); } @@ -200,6 +207,8 @@ class ComplexArgumentParser size = str.size(); buffer = static_cast(chip::Platform::MemoryCalloc(size, sizeof(uint8_t))); + VerifyOrReturnError(buffer != nullptr, CHIP_ERROR_NO_MEMORY); + memcpy(buffer, str.c_str(), size); } else @@ -244,6 +253,8 @@ class ComplexArgumentParser size_t size = strlen(value.asCString()); auto buffer = static_cast(chip::Platform::MemoryCalloc(size, sizeof(char))); + VerifyOrReturnError(buffer != nullptr, CHIP_ERROR_NO_MEMORY); + memcpy(buffer, value.asCString(), size); request = chip::CharSpan(buffer, size); diff --git a/examples/chip-tool/commands/interactive/InteractiveCommands.cpp b/examples/chip-tool/commands/interactive/InteractiveCommands.cpp index 0a1f1957a6df52..fc895d4eb69eb1 100644 --- a/examples/chip-tool/commands/interactive/InteractiveCommands.cpp +++ b/examples/chip-tool/commands/interactive/InteractiveCommands.cpp @@ -132,6 +132,10 @@ struct InteractiveServerResult case chip::Logging::kLogCategory_Detail: messageType = kCategoryDetail; break; + default: + // This should not happen. + chipDie(); + break; } mLogs.push_back(InteractiveServerResultLog({ module, base64Message, messageType }));