1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00

can: add proper checks for ifnum validity

Most functions were using asserts, but in some cases it might not be a
programmatic error to pass an invalid ifnum. This makes sure the code
does not crash by testing it at runtim and returning an error.
This commit is contained in:
Vincent Dupont 2020-06-19 11:20:37 +02:00
parent bfb8fc52b1
commit 98c39d5104
2 changed files with 22 additions and 5 deletions

View File

@ -42,7 +42,11 @@ int conn_can_raw_create(conn_can_raw_t *conn, struct can_filter *filter, size_t
int ifnum, int flags) int ifnum, int flags)
{ {
assert(conn != NULL); assert(conn != NULL);
assert(ifnum < CAN_DLL_NUMOF); if (ifnum < 0 || ifnum >= CAN_DLL_NUMOF) {
memset(conn, 0, sizeof (*conn));
conn->ifnum = -1;
return -ENODEV;
}
DEBUG("conn_can_raw_create: create conn=%p, ifnum=%d flags=%d\n", (void *)conn, ifnum, flags); DEBUG("conn_can_raw_create: create conn=%p, ifnum=%d flags=%d\n", (void *)conn, ifnum, flags);
@ -121,7 +125,11 @@ static void _tx_conf_timeout(void *arg)
int conn_can_raw_send(conn_can_raw_t *conn, const struct can_frame *frame, int flags) int conn_can_raw_send(conn_can_raw_t *conn, const struct can_frame *frame, int flags)
{ {
assert(conn != NULL); assert(conn != NULL);
assert(conn->ifnum < CAN_DLL_NUMOF);
if (conn->ifnum < 0 || conn->ifnum >= CAN_DLL_NUMOF) {
return -ENODEV;
}
assert((conn->flags & CONN_CAN_RECVONLY) == 0); assert((conn->flags & CONN_CAN_RECVONLY) == 0);
assert(frame != NULL); assert(frame != NULL);
@ -201,7 +209,11 @@ static void _rx_timeout(void *arg)
int conn_can_raw_recv(conn_can_raw_t *conn, struct can_frame *frame, uint32_t timeout) int conn_can_raw_recv(conn_can_raw_t *conn, struct can_frame *frame, uint32_t timeout)
{ {
assert(conn != NULL); assert(conn != NULL);
assert(conn->ifnum < CAN_DLL_NUMOF);
if (conn->ifnum < 0 || conn->ifnum >= CAN_DLL_NUMOF) {
return -ENODEV;
}
assert(frame != NULL); assert(frame != NULL);
xtimer_t timer; xtimer_t timer;
@ -256,7 +268,10 @@ int conn_can_raw_recv(conn_can_raw_t *conn, struct can_frame *frame, uint32_t ti
int conn_can_raw_close(conn_can_raw_t *conn) int conn_can_raw_close(conn_can_raw_t *conn)
{ {
assert(conn != NULL); assert(conn != NULL);
assert(conn->ifnum < CAN_DLL_NUMOF);
if (conn->ifnum < 0 || conn->ifnum >= CAN_DLL_NUMOF) {
return -ENODEV;
}
DEBUG("conn_can_raw_close: conn=%p\n", (void *)conn); DEBUG("conn_can_raw_close: conn=%p\n", (void *)conn);

View File

@ -470,7 +470,9 @@ int raw_can_power_up(int ifnum)
int raw_can_set_bitrate(int ifnum, uint32_t bitrate, uint32_t sample_point) int raw_can_set_bitrate(int ifnum, uint32_t bitrate, uint32_t sample_point)
{ {
assert(ifnum < candev_nb); if (ifnum < 0 || ifnum >= candev_nb) {
return -1;
}
int res = 0; int res = 0;
int ret; int ret;