Browse Source

fix hexDecode result & input checks

- for some reason we were never checking it's output
no need to increase +1 since we write the exact number
- allow hexEncode output be decoded, enforce even-ness
- raw msg must have at least 3 bytes - start+code+end
mcspr-patch-1
Maxim Prokhorov 4 years ago
parent
commit
b8db57e460
2 changed files with 19 additions and 11 deletions
  1. +1
    -1
      code/espurna/rfbridge.cpp
  2. +18
    -10
      code/espurna/utils.cpp

+ 1
- 1
code/espurna/rfbridge.cpp View File

@ -624,7 +624,7 @@ void _rfbReceiveImpl() {
void _rfbSendRawFromPayload(const char * raw) { void _rfbSendRawFromPayload(const char * raw) {
auto rawlen = strlen(raw); auto rawlen = strlen(raw);
if (rawlen > (RfbParser::MessageSizeMax * 2)) return; if (rawlen > (RfbParser::MessageSizeMax * 2)) return;
if ((rawlen < 2) || (rawlen & 1)) return;
if ((rawlen < 6) || (rawlen & 1)) return;
DEBUG_MSG_P(PSTR("[RF] Sending RAW MESSAGE \"%s\"\n"), raw); DEBUG_MSG_P(PSTR("[RF] Sending RAW MESSAGE \"%s\"\n"), raw);


+ 18
- 10
code/espurna/utils.cpp View File

@ -812,10 +812,9 @@ size_t hexEncode(const uint8_t * in, size_t in_size, char * out, size_t out_size
// From an hexa char array ("A220EE...") to a byte array (half the size) // From an hexa char array ("A220EE...") to a byte array (half the size)
size_t hexDecode(const char* in, size_t in_size, uint8_t* out, size_t out_size) { size_t hexDecode(const char* in, size_t in_size, uint8_t* out, size_t out_size) {
if (out_size < (in_size / 2)) return 0;
size_t index = 0;
size_t out_index = 0;
if ((in_size & 1) || (out_size < (in_size / 2))) {
return 0;
}
auto char2byte = [](char ch) -> uint8_t { auto char2byte = [](char ch) -> uint8_t {
if ((ch >= '0') && (ch <= '9')) { if ((ch >= '0') && (ch <= '9')) {
@ -829,13 +828,22 @@ size_t hexDecode(const char* in, size_t in_size, uint8_t* out, size_t out_size)
} }
}; };
while (index < in_size) {
out[out_index] = char2byte(in[index]) << 4;
out[out_index] += char2byte(in[index + 1]);
size_t index = 0;
size_t out_index = 0;
uint8_t lhs, rhs;
index += 2;
out_index += 1;
while (index < in_size) {
lhs = char2byte(in[index]) << 4;
rhs = char2byte(in[index + 1]);
if (lhs || rhs) {
out[out_index++] = lhs | rhs;
index += 2;
continue;
}
out_index = 0;
break;
} }
return out_index ? (1 + out_index) : 0;
return out_index;
} }

Loading…
Cancel
Save