-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[TLV] TLVReader should take care of the range of integer values #5152
Comments
bzbarsky-apple
changed the title
[TLV] TLVReader should take care of the range of values
[TLV] TLVReader should take care of the range of integer values
Mar 4, 2021
bitkis
added a commit
to bitkis/connectedhomeip
that referenced
this issue
Mar 10, 2021
project-chip#5152 Signed-off-by: Boris Itkis <[email protected]>
bitkis
added a commit
to bitkis/connectedhomeip
that referenced
this issue
Mar 12, 2021
bitkis
added a commit
to bitkis/connectedhomeip
that referenced
this issue
Apr 2, 2021
bzbarsky-apple
added a commit
to bzbarsky-apple/connectedhomeip
that referenced
this issue
Sep 24, 2021
… unexpected values. Two changes: 1) Ensure the value was encoded with the signed-ness the reader expects. 2) Ensure the value is in the range the reader expects instad of ending up with overflow and whatever that does.. Fixes project-chip#5152 The test changes were largely lifted from project-chip#5764
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem
It currently does not.
Sure, but the problems start when we ask to read an int8 value but the TLV contains a value that does not actually fit in 8 bits. That read will succeed, which is broken. You're right that we should solve this in the TLV reader in general, but no one has had time to do that yet.
Proposed solution
Check the type of the value, and return error of it if too big.
Originally posted by @bzbarsky-apple in #5032 (comment)
The text was updated successfully, but these errors were encountered: