From 6452d305c207368717cfe9b75b196ba2d11b9c98 Mon Sep 17 00:00:00 2001 From: Stefan `Sec` Zehl Date: Wed, 10 Aug 2011 04:25:50 +0200 Subject: [PATCH] Clamp value types and add debugging-panic on violation --- firmware/funk/mesh.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/firmware/funk/mesh.c b/firmware/funk/mesh.c index f64b22b..d79973b 100644 --- a/firmware/funk/mesh.c +++ b/firmware/funk/mesh.c @@ -7,6 +7,7 @@ #include "basic/byteorder.h" #include "basic/random.h" #include "basic/config.h" +#include "lcd/print.h" char meshgen=0; // Generation char meshincctr=0; @@ -28,6 +29,23 @@ void initMesh(void){ meshbuffer[0].flags=MF_USED; }; +int mesh_sanity(uint8_t * pkt){ + if(MO_TYPE(pkt)>='A' && MO_TYPE(pkt)<='Z'){ + if(MO_TIME(pkt)>1313803870) + return 1; + if(MO_TIME(pkt)<1312075898) + return 1; + }else if(MO_TYPE(pkt)>='a' && MO_TYPE(pkt)<='z'){ + if(MO_TIME(pkt)>16777216) + return 1; + if(MO_TIME(pkt)<0) + return 1; + }; + if(MO_TYPE(pkt)>0x7f || MO_TYPE(pkt)<0x20) + return 1; + return 0; +}; + MPKT * meshGetMessage(uint8_t type){ int free=-1; for(int i=0;iSECS_DAY) meshbuffer[i].flags=MF_FREE; }; + if(mesh_sanity(meshbuffer[i].pkt)){ + meshbuffer[i].flags=MF_FREE; +#if 1 + setSystemFont(); + lcdClear(); + lcdPrintln("MESH PANIC!"); + lcdPrint(IntToStr(i,2,0)); + lcdPrintln(":"); + lcdPrint(IntToStrX(meshbuffer[i].pkt[0],2)); + lcdPrint(" "); + lcdPrintln(IntToStrX(meshbuffer[i].pkt[1],2)); + lcdPrintln(IntToStrX(uint8ptouint32(meshbuffer[i].pkt+2),8)); + lcdPrintln(IntToStrX(uint8ptouint32(meshbuffer[i].pkt+6),8)); + lcdPrintln(IntToStrX(uint8ptouint32(meshbuffer[i].pkt+10),8)); + lcdRefresh(); + while ((getInputRaw())==BTN_NONE); +#endif + }; }; }; }; @@ -153,6 +189,11 @@ uint8_t mesh_recvqloop_work(void){ return 0; }; + if(mesh_sanity(buf)){ + meshincctr++; + return 0; + }; + if(MO_GEN(buf)>meshgen){ if(meshgen) meshgen++;