Fix buffer overflow opportunities in AlertNotificationService & AlertNotificationClient.

author: JF <jf@codingfield.com> 2020-06-28 11:59:14 +0200
committer: JF <jf@codingfield.com> 2020-06-28 11:59:14 +0200
commit: 89e7033830bd73a35f4bb2faf14ccf06f3785712 (patch)
tree: c8fd9c5d09518623215f383ca429f364b1012a4d /src/Components/Ble/NotificationManager.cpp
parent: 4f9adb2372a71bab3c38684420cf90b1a99a6c9a (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/Components/Ble/NotificationManager.cpp b/src/Components/Ble/NotificationManager.cpp
index 2e02cb15..0aea0697 100644
--- a/src/Components/Ble/NotificationManager.cpp
+++ b/src/Components/Ble/NotificationManager.cpp
@@ -4,11 +4,12 @@
 using namespace Pinetime::Controllers;
 
 void NotificationManager::Push(Pinetime::Controllers::NotificationManager::Categories category,
-                                                      const char *message, uint8_t messageSize) {
+                                                      const char *message, uint8_t currentMessageSize) {
   // TODO handle edge cases on read/write index
+  auto checkedSize = std::min(currentMessageSize, uint8_t{18});
   auto& notif = notifications[writeIndex];
-  std::memcpy(notif.message.data(), message, messageSize);
-  notif.message[messageSize] = '\0';
+  std::memcpy(notif.message.data(), message, checkedSize);
+  notif.message[checkedSize] = '\0';
   notif.category = category;
 
   writeIndex = (writeIndex + 1 < TotalNbNotifications) ? writeIndex + 1 : 0;
author	JF <jf@codingfield.com>	2020-06-28 11:59:14 +0200
committer	JF <jf@codingfield.com>	2020-06-28 11:59:14 +0200
commit	89e7033830bd73a35f4bb2faf14ccf06f3785712 (patch)
tree	c8fd9c5d09518623215f383ca429f364b1012a4d /src/Components/Ble/NotificationManager.cpp
parent	4f9adb2372a71bab3c38684420cf90b1a99a6c9a (diff)