g4klx/DMRGateway
1
0
Fork 0
mirror of https://github.com/g4klx/DMRGateway.git synced 2026-04-21 06:13:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

Validate DMRD packet length before enqueuing

Browse source 
The received packet length was stored as unsigned char (max 255) and
used without validating it matches the expected 55-byte DMRD packet
size. Reject packets that don't match the expected length to prevent
stale data reads and silent truncation.
This commit is contained in:
Ember 2026-04-05 17:53:52 -07:00
parent 65eaf779b0
commit a1946c8fc8
2 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
MMDVMNetwork.cpp
View file

@ -272,9 +272,11 @@ void CMMDVMNetwork::clock(unsigned int ms)
CUtils::dump(1U, "Network Received", m_buffer, length);
if (::memcmp(m_buffer, "DMRD", 4U) == 0) {
unsigned char len = length;
m_rxData.addData(&len, 1U);
m_rxData.addData(m_buffer, len);
if (length == HOMEBREW_DATA_PACKET_LENGTH) {
unsigned char len = length;
m_rxData.addData(&len, 1U);
m_rxData.addData(m_buffer, len);
}
} else if (::memcmp(m_buffer, "DMRG", 4U) == 0) {
if (length <= 50U) {
::memcpy(m_radioPositionData, m_buffer, length);