Nov 02, 2017
11:46 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Nov 02, 2017
11:46 AM
problematic code:
#define MIN(x,y) ((x) < (y) ? ( x 😞 (y))
/* Calculate the amount of data to read out of the buffer */
max_bytes_to_read = MIN(data_length, ring_buffer_used_space(ring_buffer));
The MIN macro ensures that the given y value (a function in this case) is executed twice instead of once. It is possible for interrupts to intercede and modify the ring buffer result.
In this case, the ring buffer could grow to a size larger than data_length and overrun the passed in buffer.
does this problem exist with other calls of MIN() macro?
fix:
used_space = ring_buffer_used_space(ring_buffer);
/* Calculate the amount of data to read out of the buffer */
max_bytes_to_read = MIN(data_length, used_space);
0 Replies