Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix unsafe reader get in MessageDef #3957

Closed
yunhanw-google opened this issue Nov 20, 2020 · 2 comments
Closed

Fix unsafe reader get in MessageDef #3957

yunhanw-google opened this issue Nov 20, 2020 · 2 comments
Assignees
Milestone

Comments

@yunhanw-google
Copy link
Contributor

So.. this is completely unsafe. It will do weird and broken things if the value in the TLV is out of range for type T.

Originally posted by @bzbarsky-apple in #3491 (comment)

@turon
Copy link
Contributor

turon commented Jan 31, 2022

Referencing this code:

[src/app/MessageDef.cpp]

    VerifyOrExit(aTLVType == reader.GetType(), err = CHIP_ERROR_WRONG_TLV_TYPE);

    err = reader.Get(*apLValue);

But that file has since been significantly refactored into an entire directory: src/app/MessageDef.

Difficult to say whether the issue still exists, but need to follow-up and verify for v1.

Removing v1_triage_split_4 tag.

@bzbarsky-apple
Copy link
Contributor

The important part is that we fixed Get on the reader to not do broken things in #9944. So this is good now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants