Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Illegal Heap write in rawbuf when the capture has overflowed. #1517

Merged
merged 2 commits into from
Jul 6, 2021
Merged

[BUG] Illegal Heap write in rawbuf when the capture has overflowed. #1517

merged 2 commits into from
Jul 6, 2021

Conversation

crankyoldgit
Copy link
Owner

  • Fix an issue where we write past the end of the capture buffer when it is full. Two options to fix this:
    1. Extend all capture buffers by 1 entry. i.e. upto 4 bytes of extra unused heap and some FLASH/PROGMEM bytes. or
    2. Skip the memory write when we have overflowed. i.e. Possibly slightly more than 4 bytes of FLASH/PROGMEM used.
    • CPU overhead should be about the same.
    • Given heap & memory is a more critical resource than Flash/PROGMEM, opting for Option 2.
  • Add a helper method IRrecv::_getParamsPtr to access params in Unit tests.
  • Unit tests so we can be sure it is fixed, and it doesn't happen again.

Kudos to @davepl for reporting the issue and diagnosing the offending line of code.

Fixes #1516

@crankyoldgit
[BUG] Illegal Heap write in rawbuf when the capture has overflowed.
2988443 
* Fix an issue where we write past the end of the capture buffer when it is full. Two options to fix this:
  1. Extend all capture buffers by 1 entry. i.e. upto 4 bytes of extra unused heap and some FLASH/PROGMEM bytes. _or_
  2. Skip the memory write when we have overflowed. i.e. Possibly slightly more than 4 bytes of FLASH/PROGMEM used.
  - CPU overhead should be about the same.
  - Given heap & memory is a more critical resource than Flash/PROGMEM, opting for Option 2.

TODO: Add unit tests to confirm this works and never happens again.

Kudos to @davepl for reporting the issue and diagnosing the offending line of code.

Fixes #1516
@crankyoldgit
Unit tests
133c723 
So we can be sure it is fixed, and it doesn't happen again.
* Add a helper method `IRrecv::_getParamsPtr` to access `params` in Unit tests.

Fixes #1516
@crankyoldgit crankyoldgit requested a review from NiKiZe July 5, 2021 17:20
@crankyoldgit crankyoldgit self-assigned this Jul 5, 2021
@crankyoldgit crankyoldgit merged commit 0b19d94 into master Jul 6, 2021
crankyoldgit added a commit that referenced this pull request Jul 6, 2021
@crankyoldgit
v2.7.19 release
cb854fe 
_v2.7.19 (20210706)_

**[Bug Fixes]**
- Illegal Heap write in rawbuf when the capture has overflowed. (#1516 #1517)
- PANASONIC_AC: Fix Low and High fan speeds (#1515)
- Fix MDNS in IRServer and IRMQTTServer example code (#1498 #1499)
- IRac: Fix off-by-one error in Coolix's sleep setting. (#1500)
- Fix undefined constant (#1490)

**[Features]**
- Add detailed support for Kelon ACs (#1494)
- Experimental basic support for Teknopoint A/C protocol (#1486 #1504)
- Daikin64: Add support for Heat mode (#1492)
- Basic support for `HAIER_AC176` 176 bit protocol. (#1480 #1481)

**[Misc]**
- GREE: Update inter-message gap timing (#1508 #1509)
- IRac: Change Coolix to send special messages after a normal message. (#1501 #1502)
- Fix compiler warnings causing Travis failures. (#1491)
- Update supported model info (#1477 #1485 #1488 #1489)
- Add HTML viewport meta tag to IRServer and IRMQTTServer examples (#1467 #1469)
@crankyoldgit crankyoldgit mentioned this pull request Jul 6, 2021
Merged
crankyoldgit added a commit that referenced this pull request Jul 6, 2021
@crankyoldgit
v2.7.19 release (#1521)
985419a 
* Regenerate Doxygen documentation

* v2.7.19 release
_v2.7.19 (20210706)_

**[Bug Fixes]**
- Illegal Heap write in rawbuf when the capture has overflowed. (#1516 #1517)
- PANASONIC_AC: Fix Low and High fan speeds (#1515)
- Fix MDNS in IRServer and IRMQTTServer example code (#1498 #1499)
- IRac: Fix off-by-one error in Coolix's sleep setting. (#1500)
- Fix undefined constant (#1490)

**[Features]**
- Add detailed support for Kelon ACs (#1494)
- Experimental basic support for Teknopoint A/C protocol (#1486 #1504)
- Daikin64: Add support for Heat mode (#1492)
- Basic support for `HAIER_AC176` 176 bit protocol. (#1480 #1481)

**[Misc]**
- GREE: Update inter-message gap timing (#1508 #1509)
- IRac: Change Coolix to send special messages after a normal message. (#1501 #1502)
- Fix compiler warnings causing Travis failures. (#1491)
- Update supported model info (#1477 #1485 #1488 #1489)
- Add HTML viewport meta tag to IRServer and IRMQTTServer examples (#1467 #1469)
@crankyoldgit crankyoldgit deleted the Issue1516 branch July 7, 2021 07:22
@crankyoldgit crankyoldgit mentioned this pull request Apr 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NiKiZe NiKiZe NiKiZe approved these changes

Assignees

@crankyoldgit crankyoldgit

Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Trashage of the heap
2 participants
@crankyoldgit @NiKiZe