Fix Out of bounds compilation warning in OCTET8

The code in OCTET8 implementation assumes the len is placed inside the byte preceding the memory buffer, which is true for the defined cases. However, it creates a compilation warning. Better pass the value directly from the struct field rather than playing addr games. this way we also assert we require to explicitly pass the len. Fixes lots of warning like the one below: /home/pespin/dev/sysmocom/bin/../git/libsmpp34/src/smpp34_unpack.c: In function ‘smpp34_u npack’: /home/pespin/dev/sysmocom/bin/../git/libsmpp34/src/smpp34_unpack.c:147:14: warning: array subscript is above array bounds [-Warray-bounds] lenval = *((inst par) - 1);\ ^~~~~~~~~~~~~~~~~ /home/pespin/dev/sysmocom/bin/../git/libsmpp34/def_frame/submit_sm.frame:18:2: note: in e xpansion of macro ‘OCTET8’ OCTET8( instancia, short_message, 254 ); ^~~~~~ Change-Id: Id110f4e977c3becdb44cf5492c372e530ea51551
author: Pau Espin Pedrol <pespin@sysmocom.de> 2017-09-15 20:09:19 +0200
committer: Pau Espin Pedrol <pespin@sysmocom.de> 2017-09-15 20:24:25 +0200
commit: c63971fab0d67bc52d7fd455529b844009aa8565 (patch)
tree: 6acea50848b0513d2ccaff3a92a835fac055e859
parent: cbdde82aca1103db1ed69f29a666f29fdc6b79ba (diff)
8 files changed, 8 insertions, 11 deletions
diff --git a/def_frame/deliver_sm.frame b/def_frame/deliver_sm.frame
index 2306f19..6cbd90d 100644
--- a/def_frame/deliver_sm.frame
+++ b/def_frame/deliver_sm.frame
@@ -15,5 +15,5 @@ C_OCTET( instancia, validity_period, 1 );
     U08( instancia, data_coding, valueDec_08 );
     U08( instancia, sm_default_msg_id, valueDec_08 );
     U08( instancia, sm_length, valueDec_08 );
- OCTET8( instancia, short_message, 254 );
+ OCTET8( instancia, short_message, 254, instancia sm_length );
     TLV( instancia, tlv, do_tlv_deliver_sm );
diff --git a/def_frame/replace_sm.frame b/def_frame/replace_sm.frame
index a35187d..641207e 100644
--- a/def_frame/replace_sm.frame
+++ b/def_frame/replace_sm.frame
@@ -7,4 +7,4 @@ C_OCTET( instancia, validity_period, 17 );
     U08( instancia, registered_delivery, valueDec_08 );
     U08( instancia, sm_default_msg_id, valueDec_08 );
     U08( instancia, sm_length, valueDec_08 );
- OCTET8( instancia, short_message, 254 );
+ OCTET8( instancia, short_message, 254, instancia sm_length );
diff --git a/def_frame/submit_multi.frame b/def_frame/submit_multi.frame
index 0c5fb31..e58fd36 100644
--- a/def_frame/submit_multi.frame
+++ b/def_frame/submit_multi.frame
@@ -14,5 +14,5 @@ C_OCTET( instancia, validity_period, 17 );
     U08( instancia, data_coding, valueDec_08 );
     U08( instancia, sm_default_msg_id, valueDec_08 );
     U08( instancia, sm_length, valueDec_08 );
- OCTET8( instancia, short_message, 254 );
+ OCTET8( instancia, short_message, 254, instancia sm_length );
     TLV( instancia, tlv, do_tlv_submit_multi );
diff --git a/def_frame/submit_sm.frame b/def_frame/submit_sm.frame
index 0a54421..bf8e560 100644
--- a/def_frame/submit_sm.frame
+++ b/def_frame/submit_sm.frame
@@ -15,5 +15,5 @@ C_OCTET( instancia, validity_period, 17 );
     U08( instancia, data_coding, valueDec_08 );
     U08( instancia, sm_default_msg_id, valueDec_08 );
     U08( instancia, sm_length, valueDec_08 );
- OCTET8( instancia, short_message, 254 );
+ OCTET8( instancia, short_message, 254, instancia sm_length );
     TLV( instancia, tlv, do_tlv_submit_sm );
diff --git a/src/smpp34_dumpPdu.c b/src/smpp34_dumpPdu.c
index 89d6e53..688f4ea 100644
--- a/src/smpp34_dumpPdu.c
+++ b/src/smpp34_dumpPdu.c
@@ -136,11 +136,10 @@ smpp34_dumpPdu(uint32_t type, uint8_t *dest, int size_dest, void* tt)
     _op(inst, par, size )\
 }
 
-#define OCTET8( inst, par, size ){\
+#define OCTET8( inst, par, size, lenval ){\
     int i = 0;\
     uint8_t *p = l_dest;\
     int dummy = 0;\
-    lenval = *((inst par) - 1);\
     if( (lenval + 33) >= left ){\
         PUTLOG("[%s:%s(%s)]", par, inst par, \
                                      "Value length exceed buffer length");\
diff --git a/src/smpp34_pack.c b/src/smpp34_pack.c
index b36e7a4..ef1c599 100644
--- a/src/smpp34_pack.c
+++ b/src/smpp34_pack.c
@@ -139,8 +139,7 @@ smpp34_pack(uint32_t type, uint8_t *ptrBuf, int ptrSize, int *ptrLen, void* tt)
     }\
 };
 
-#define OCTET8( inst, par, sizeval ){\
-    lenval = *((inst par) - 1);\
+#define OCTET8( inst, par, sizeval, lenval ){\
     if( lenval >= left ){\
         PUTLOG("[leng %s:%d(%s)]", par, lenval,\
                                       "Value length exceed buffer length");\
diff --git a/src/smpp34_structs.h b/src/smpp34_structs.h
index 71d22cd..7c83df8 100644
--- a/src/smpp34_structs.h
+++ b/src/smpp34_structs.h
@@ -75,7 +75,7 @@ typedef struct alert_notification_t alert_notification_t;
 
 #define O_C_OCTET( inst, par, size ) uint8_t par[ size ];
 #define C_OCTET( inst, par, size ) uint8_t par[ size ];
-#define OCTET8( inst, par, size ) uint8_t par[ size ];
+#define OCTET8( inst, par, size, lenval ) uint8_t par[ size ];
 #define OCTET16( inst, par, size ) uint8_t par[ size ];
 
 #define TLV( inst, par, do_tlv ) tlv_t *par;
diff --git a/src/smpp34_unpack.c b/src/smpp34_unpack.c
index 3d8b0f8..749a037 100644
--- a/src/smpp34_unpack.c
+++ b/src/smpp34_unpack.c
@@ -143,8 +143,7 @@ smpp34_unpack(uint32_t type, void* tt, const uint8_t *ptrBuf, int ptrLen)
     };\
 }
 
-#define OCTET8( inst, par, size ){\
-    lenval = *((inst par) - 1);\
+#define OCTET8( inst, par, size, lenval ){\
     if( lenval > left ){\
         PUTLOG("[leng %s:%d(%s)]", par, lenval,\
                                       "Value length exceed buffer length");\
author	Pau Espin Pedrol <pespin@sysmocom.de>	2017-09-15 20:09:19 +0200
committer	Pau Espin Pedrol <pespin@sysmocom.de>	2017-09-15 20:24:25 +0200
commit	c63971fab0d67bc52d7fd455529b844009aa8565 (patch)
tree	6acea50848b0513d2ccaff3a92a835fac055e859
parent	cbdde82aca1103db1ed69f29a666f29fdc6b79ba (diff)