Merge pull request #252 from OpenKNX/fix-buffer-overflow

Fix buffer overflow
2024-10-20 20:07:45 +02:00 · 2023-07-13 11:08:11 +02:00 · 2023-07-13 11:08:11 +02:00 · aa57fdf482
commit aa57fdf482
parent 48000b25aa 09985ea793
2 changed files with 8 additions and 7 deletions
--- a/src/knx/application_layer.cpp
+++ b/src/knx/application_layer.cpp
@ -84,20 +84,17 @@ void ApplicationLayer::dataGroupConfirm(AckType ack, HopCountType hopType, Prior
    case GroupValueRead:
        if (_savedAsapReadRequest > 0)
            _bau.groupValueReadLocalConfirm(ack, _savedAsapReadRequest, priority, hopType, secCtrl, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueRead has _savedAsapReadRequest = 0");
+        _savedAsapReadRequest = 0;
        break;
    case GroupValueResponse:
        if (_savedAsapResponse > 0)
            _bau.groupValueReadResponseConfirm(ack, _savedAsapResponse, priority, hopType, secCtrl, apdu.data(), apdu.length() - 1, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueResponse has _savedAsapResponse = 0");
+        _savedAsapResponse = 0;
        break;
    case GroupValueWrite:
        if (_savedAsapWriteRequest > 0)
            _bau.groupValueWriteLocalConfirm(ack, _savedAsapWriteRequest, priority, hopType, secCtrl, apdu.data(), apdu.length() - 1, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueWrite has _savedAsapWriteRequest = 0");
+        _savedAsapWriteRequest = 0;
        break;
    default:
        print("datagroup-confirm: unhandled APDU-Type: ");
--- a/src/knx/tpuart_data_link_layer.cpp
+++ b/src/knx/tpuart_data_link_layer.cpp
@ -97,12 +97,16 @@ enum {
 };

 #define EOP_TIMEOUT           2   //milli seconds; end of layer-2 packet gap
+#ifndef EOPR_TIMEOUT              // allow to set EOPR_TIMEOUT externally
 #define EOPR_TIMEOUT          8   //ms; relaxed EOP timeout; usally to trigger after NAK
+#endif
 #define CONFIRM_TIMEOUT       500  //milli seconds
 #define RESET_TIMEOUT         100 //milli seconds
 #define TX_TIMEPAUSE            0 // 0 means 1 milli seconds

-#define OVERRUN_COUNT           7 //bytes; max. allowed bytes in receive buffer (on start) to see it as overrun
+#ifndef OVERRUN_COUNT
+#define OVERRUN_COUNT          7 //bytes; max. allowed bytes in receive buffer (on start) to see it as overrun
+#endif

 // If this threshold is reached loop() goes into 
 // "hog mode" where it stays in loop() while L2 address reception