From c6de8827422f072031093c4a3094d7091c2446e4 Mon Sep 17 00:00:00 2001
From: Martino Facchin
Date: Tue, 25 Mar 2025 15:08:03 +0100
Subject: [PATCH 1/2] Properly fix possible buffer overflow Fix for #60
---
 src/system.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/system.c b/src/system.c
index a240990..23dcf32 100644
--- a/src/system.c
+++ b/src/system.c
@@ -383,8 +383,8 @@ void HAL_SPI_TxRxCpltCallback(SPI_HandleTypeDef *hspi)
 struct complete_packet *rx_pkt = (struct complete_packet *)RX_Buffer;
 /* Limit the amount of data copied to prevent buffer overflow. */
- if (rx_pkt->header.size > sizeof(rx_pkt_userspace))
- rx_pkt->header.size = sizeof(rx_pkt_userspace);
+ if (rx_pkt->header.size > SPI_DMA_BUFFER_SIZE)
+ rx_pkt->header.size = SPI_DMA_BUFFER_SIZE;
 /* The SPI transfer is now complete, copy to userspace memory. */
 memcpy((void *)rx_pkt_userspace, &(rx_pkt->data), rx_pkt->header.size);
From 4d7e52a5201636be43cb829394ef516427f4428b Mon Sep 17 00:00:00 2001
From: Martino Facchin
Date: Tue, 25 Mar 2025 15:15:28 +0100
Subject: [PATCH 2/2] fix possible overflow on CAN_TX_FRAME
---
 src/can_handler.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/can_handler.c b/src/can_handler.c
index 764b019..f9b9d35 100644
--- a/src/can_handler.c
+++ b/src/can_handler.c
@@ -260,7 +260,7 @@ int fdcan_handler(FDCAN_HandleTypeDef * handle, uint8_t const opcode, uint8_t co
 else if (opcode == CAN_TX_FRAME)
 {
 union x8h7_can_frame_message msg;
- memcpy(&msg, data, size);
+ memcpy(&msg, data, min(size, sizeof(msg)));
 dbg_printf("fdcan_handler: sending CAN message to %lx, size %d, content[0]=0x%02X\n", msg.field.id, msg.field.len, msg.field.data[0]);
 return on_CAN_TX_FRAME_Request(handle, &msg);
 }
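Review bot: In src/system.c, a `header.size` equal to the new limit can still make the `memcpy` read past the receive buffer, because the source is `&(rx_pkt->data)`, which appears to start after the header inside `RX_Buffer`. If `RX_Buffer` is `SPI_DMA_BUFFER_SIZE` bytes long (its declaration is outside this hunk), the payload bound should subtract the header, e.g. `if (rx_pkt->header.size > SPI_DMA_BUFFER_SIZE - sizeof(rx_pkt->header))`, with the same value assigned on the next line. The limit is also no longer tied to the destination, so a `_Static_assert` that `rx_pkt_userspace` has room for that many bytes would keep the two from drifting apart; that presumes the destination's capacity is a compile-time constant, which the hunk does not show. The body of `HAL_SPI_TxRxCpltCallback` starts and ends outside the hunk.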
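Review bot: In src/can_handler.c, when `size` is smaller than `sizeof(msg)` the bounded `memcpy` leaves the rest of `msg` as uninitialised stack, and the following `dbg_printf` and `on_CAN_TX_FRAME_Request` still read `msg.field.id`, `msg.field.len` and `msg.field.data[0]`. Zeroing first with `memset(&msg, 0, sizeof(msg));` removes the stale bytes, and a frame with `size > sizeof(msg)` is probably better rejected than silently truncated and sent. The type of `size` is cut off in the hunk header; if it is signed, or `min` is a simple macro, the comparison against `sizeof(msg)` mixes signedness, so a cast or a typed helper is worth checking. The `else if` branch belongs to `fdcan_handler`, whose body starts and ends outside the hunk.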