[haiku-commits] Change in haiku[master]: usb_rndis: use the "data offset" field instead of hardcoding it

  • From: Gerrit <review@xxxxxxxxxxxxxxxxxxx>
  • To: waddlesplash <waddlesplash@xxxxxxxxx>, haiku-commits@xxxxxxxxxxxxx
  • Date: Fri, 10 Jun 2022 19:41:18 +0000

From Adrien Destugues <pulkomandy@xxxxxxxxx>:

Adrien Destugues has uploaded this change for review. ( 
https://review.haiku-os.org/c/haiku/+/5376 ;)


Change subject: usb_rndis: use the "data offset" field instead of hardcoding it
......................................................................

usb_rndis: use the "data offset" field instead of hardcoding it

Not sure if other phones could use another value, but it's better to
follow the spec. Also add some bounds checks with traces for now if we
see something strange.
---
M src/add-ons/kernel/drivers/network/ether/usb_rndis/RNDISDevice.cpp
1 file changed, 8 insertions(+), 2 deletions(-)



  git pull ssh://git.haiku-os.org:22/haiku refs/changes/76/5376/1

diff --git a/src/add-ons/kernel/drivers/network/ether/usb_rndis/RNDISDevice.cpp 
b/src/add-ons/kernel/drivers/network/ether/usb_rndis/RNDISDevice.cpp
index b23b5ea..1b17bef 100644
--- a/src/add-ons/kernel/drivers/network/ether/usb_rndis/RNDISDevice.cpp
+++ b/src/add-ons/kernel/drivers/network/ether/usb_rndis/RNDISDevice.cpp
@@ -289,8 +289,13 @@
                        fActualLengthRead);
        }

+       if (fReadHeader[2] + fReadHeader[3] > fReadHeader[1]) {
+               TRACE_ALWAYS("Received frame data goes past end of frame: %d + 
%d > %d", fReadHeader[2],
+                       fReadHeader[3], fReadHeader[1]);
+       }
+
        if (fReadHeader[4] != 0 || fReadHeader[5] != 0 || fReadHeader[6] != 0) {
-               TRACE_ALWAYS("Received frame has out of bound data: off %08" 
B_PRIx32 " len %08" B_PRIx32
+               TRACE_ALWAYS("Received frame has out of band data: off %08" 
B_PRIx32 " len %08" B_PRIx32
                        " count %08" B_PRIx32 "\n", fReadHeader[4], 
fReadHeader[5], fReadHeader[6]);
        }

@@ -304,7 +309,8 @@
        }

        *numBytes = fReadHeader[3];
-       memcpy(buffer, fReadHeader + 11, fReadHeader[3]);
+       int offset = fReadHeader[2] + 2 * sizeof(uint32);
+       memcpy(buffer, (uint8*)fReadHeader + offset, fReadHeader[3]);

        TRACE("Received data packet len %08" B_PRIx32 " data [off %08" B_PRIx32 
" len %08" B_PRIx32 "]\n",
                fReadHeader[1], fReadHeader[2], fReadHeader[3]);

--
To view, visit https://review.haiku-os.org/c/haiku/+/5376
To unsubscribe, or for help writing mail filters, visit 
https://review.haiku-os.org/settings

Gerrit-Project: haiku
Gerrit-Branch: master
Gerrit-Change-Id: I5c7bc37c4730e6a08bf0bf10fed975bf2012102e
Gerrit-Change-Number: 5376
Gerrit-PatchSet: 1
Gerrit-Owner: Adrien Destugues <pulkomandy@xxxxxxxxx>
Gerrit-MessageType: newchange

Other related posts:

  • » [haiku-commits] Change in haiku[master]: usb_rndis: use the "data offset" field instead of hardcoding it - Gerrit
  1. Home
  2. haiku-commits
  3. Archive
  4. 06-2022