From 6530fe75d8642f18d87d22456462a9530129cbda Mon Sep 17 00:00:00 2001
From: Vo Trung Chi <chi.votrung@vn.bosch.com>
Date: Thu, 14 Nov 2019 11:56:41 +0700
Subject: Avoided Seg fault in dlt_message_payload (#179) (#181)

* Avoided Seg fault in dlt_message_payload (#179)

 Avoided Seg fault by adding boundary check before buffer access.

Signed-off-by: Ravi Sankar P <ponnurangamravi.sankar@in.bosch.com>
Signed-off-by: Vo Trung Chi <chi.votrung@vn.bosch.com>
---
 include/dlt/dlt_common.h | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

(limited to 'include')

diff --git a/include/dlt/dlt_common.h b/include/dlt/dlt_common.h
index a418e7d..f4248ea 100644
--- a/include/dlt/dlt_common.h
+++ b/include/dlt/dlt_common.h
@@ -313,14 +313,21 @@ enum {
         { memcpy(dst, src, DLT_ID_SIZE); src += DLT_ID_SIZE; length -= DLT_ID_SIZE; } \
     }
 
-#   define DLT_MSG_READ_STRING(dst, src, maxlength, length) \
+#define DLT_MSG_READ_STRING(dst, src, maxlength, dstlength, length) \
+{ \
+    if ((maxlength < 0) || (length <= 0) || (dstlength < length) || (maxlength < length)) \
     { \
-        if (((maxlength) < 0) || ((length) < 0) || ((maxlength) < (length))) \
-        { maxlength = -1; } \
-        else \
-        { memcpy(dst, src, length); dlt_clean_string(dst, length); dst[length] = 0; \
-          src += length; maxlength -= length; } \
-    }
+        maxlength = -1; \
+    } \
+    else \
+    { \
+        memcpy(dst, src, length); \
+        dlt_clean_string(dst, length); \
+        dst[length] = 0; \
+        src += length; \
+        maxlength -= length; \
+    } \
+}
 
 #   define DLT_MSG_READ_NULL(src, maxlength, length) \
     { \
-- 
cgit v1.2.1