catalinv-ncc commented on PR #19051:
URL: https://github.com/apache/nuttx/pull/19051#issuecomment-4650430719
I would change the following.
Optional 1.
One not functional, to avoid confusion:
From:
uint8_t cmd_buffer[15 + 7];
To:
uint8_t cmd_buffer[6 + 16];
or even better:
uint8_t cmd_buffer[sizeof(struct pn532_frame) + 16];
The array is packed so it is exactly 6 bytes, also flex array in C99 (data
is not part of the sizeof struct).
Mandatory 2.
Here it was a bit confusing what I wrote, the whole thing need to be 6+16
bytes max, but the first byte of data are populated by:
pn532_frame_init()
then the second byte is set by:
f->data[1] = conf->cfg_item;
which means the memset() starting at index 2 only has 14 bytes left. So
there is still a 2 byte overflow.
At the minimum, the change should be:
DEBUGASSERT(conf->data_size <= 16 - 2); /*minus 1 byte for each cmd and
cfg_item*/
To summarize:
@linguini1 at a minimum, please update:
uint8_t cmd_buffer[6 + 16];
DEBUGASSERT(conf->data_size <= 16 - 2); /*minus 1 byte for each cmd and
cfg_item*/
Thank you.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
