Skip to content

Commit 53df799

Browse files
aentingeraentinger
authored
Merge pull request #60 from arduino/fix-buf-overflow
Fix: prevent buffer overflow by limiting amount of data copied.
1 parent f9f0ec1 commit 53df799

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

src/system.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -382,6 +382,10 @@ void HAL_SPI_TxRxCpltCallback(SPI_HandleTypeDef *hspi)
382382
struct complete_packet *tx_pkt = (struct complete_packet *)p_tx_buf_transfer;
383383
struct complete_packet *rx_pkt = (struct complete_packet *)RX_Buffer;
384384

385+
/* Limit the amount of data copied to prevent buffer overflow. */
386+
if (rx_pkt->header.size > sizeof(rx_pkt_userspace))
387+
rx_pkt->header.size = sizeof(rx_pkt_userspace);
388+
385389
/* The SPI transfer is now complete, copy to userspace memory. */
386390
memcpy((void *)rx_pkt_userspace, &(rx_pkt->data), rx_pkt->header.size);
387391

0 commit comments

Comments
 (0)