Diff between b01440aba1918192fc5fa8f179ab665e6c9ca239 and 2ada1c13f687dad28492958af6cc0a6ecb392e2b

Changed Files

File Additions Deletions Status
mesh/mesh.c +4 -7 modified
mesh/node.c +13 -13 modified

Full Patch

diff --git a/mesh/mesh.c b/mesh/mesh.c
index 8db83b7..a0a9a7c 100644
--- a/mesh/mesh.c
+++ b/mesh/mesh.c
@@ -73,7 +73,7 @@ struct join_data{
 	const char *app_path;
 	struct mesh_node *node;
 	uint32_t disc_watch;
-	uint8_t uuid[16];
+	uint8_t *uuid;
 };
 
 struct attach_data {
@@ -561,7 +561,6 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus,
 {
 	const char *app_path, *sender;
 	struct l_dbus_message_iter iter_uuid;
-	uint8_t *uuid;
 	uint32_t n;
 
 	l_debug("Join network request");
@@ -576,17 +575,15 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus,
 
 	join_pending = l_new(struct join_data, 1);
 
-	l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n);
-
-	if (n != 16) {
+	if (!l_dbus_message_iter_get_fixed_array(&iter_uuid,
+						&join_pending->uuid, &n)
+								|| n != 16) {
 		l_free(join_pending);
 		join_pending = NULL;
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
 							"Bad device UUID");
 	}
 
-	memcpy(join_pending->uuid, uuid, 16);
-
 	sender = l_dbus_message_get_sender(msg);
 
 	join_pending->sender = l_strdup(sender);
diff --git a/mesh/node.c b/mesh/node.c
index 6a7b4a2..761a67a 100644
--- a/mesh/node.c
+++ b/mesh/node.c
@@ -1537,7 +1537,7 @@ static struct l_dbus_message *send_call(struct l_dbus *dbus,
 	struct l_dbus_message_iter iter_data;
 	struct node_element *ele;
 	uint16_t dst, app_idx, src;
-	uint8_t data[MESH_MAX_ACCESS_PAYLOAD];
+	uint8_t *data;
 	uint32_t len;
 	struct l_dbus_message *reply;
 
@@ -1559,10 +1559,10 @@ static struct l_dbus_message *send_call(struct l_dbus *dbus,
 
 	src = node_get_primary(node) + ele->idx;
 
-	l_dbus_message_iter_get_fixed_array(&iter_data, data, &len);
-	if (!len)
+	if (!l_dbus_message_iter_get_fixed_array(&iter_data, &data, &len) ||
+					!len || len > MESH_MAX_ACCESS_PAYLOAD)
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
-						"Mesh message is empty");
+							"Incorrect data");
 
 	if (!mesh_model_send(node, src, dst, app_idx,
 				mesh_net_get_default_ttl(node->net), data, len))
@@ -1583,7 +1583,7 @@ static struct l_dbus_message *publish_call(struct l_dbus *dbus,
 	struct l_dbus_message_iter iter_data;
 	uint16_t mod_id, src;
 	struct node_element *ele;
-	uint8_t data[MESH_MAX_ACCESS_PAYLOAD];
+	uint8_t *data;
 	uint32_t len;
 	struct l_dbus_message *reply;
 	int result;
@@ -1606,10 +1606,10 @@ static struct l_dbus_message *publish_call(struct l_dbus *dbus,
 
 	src = node_get_primary(node) + ele->idx;
 
-	l_dbus_message_iter_get_fixed_array(&iter_data, data, &len);
-	if (!len)
+	if (!l_dbus_message_iter_get_fixed_array(&iter_data, &data, &len) ||
+					!len || len > MESH_MAX_ACCESS_PAYLOAD)
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
-						"Mesh message is empty");
+							"Incorrect data");
 
 	result = mesh_model_publish(node, VENDOR_ID_MASK | mod_id, src,
 				mesh_net_get_default_ttl(node->net), data, len);
@@ -1634,7 +1634,7 @@ static struct l_dbus_message *vendor_publish_call(struct l_dbus *dbus,
 	uint16_t model_id, vendor;
 	uint32_t vendor_mod_id;
 	struct node_element *ele;
-	uint8_t data[MESH_MAX_ACCESS_PAYLOAD];
+	uint8_t *data = NULL;
 	uint32_t len;
 	struct l_dbus_message *reply;
 	int result;
@@ -1657,10 +1657,10 @@ static struct l_dbus_message *vendor_publish_call(struct l_dbus *dbus,
 
 	src = node_get_primary(node) + ele->idx;
 
-	l_dbus_message_iter_get_fixed_array(&iter_data, data, &len);
-	if (!len)
+	if (!l_dbus_message_iter_get_fixed_array(&iter_data, &data, &len) ||
+					!len || len > MESH_MAX_ACCESS_PAYLOAD)
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
-						"Mesh message is empty");
+							"Incorrect data");
 
 	vendor_mod_id = (vendor << 16) | model_id;
 	result = mesh_model_publish(node, vendor_mod_id, src,
@@ -1686,7 +1686,7 @@ static void setup_node_interface(struct l_dbus_interface *iface)
 						"", "oqqay", "element_path",
 						"vendor", "model_id", "data");
 
-	/*TODO: Properties */
+	/* TODO: Properties */
 }
 
 bool node_dbus_init(struct l_dbus *bus)