msgbuf: Harden pldm_msgbuf_{insert,extract}_array()
Review of some proposed APIs suggested that correct use of the
pldm_msgbuf_{insert,extract}_array() helpers was more difficult that it
should be. In the three-parameter form, it was too tempting to provide
the length to extract as parsed out of a PLDM message. The intended
use was that the length parameter represented the length of the
user-provided data buffer.
Instead, move to a four-parameter form, provide reasonable documentation
for how these APIs should be used, fix all the call-sites, and deprecate
some existing unsafe APIs.
Change-Id: If58e5574600e80b354f383554283c4eda5d7234c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
diff --git a/tests/dsp/firmware_update.cpp b/tests/dsp/firmware_update.cpp
index 8e96708..e21daf0 100644
--- a/tests/dsp/firmware_update.cpp
+++ b/tests/dsp/firmware_update.cpp
@@ -1940,17 +1940,24 @@
pldm_msgbuf_insert_uint32(buf, comparisonStamp);
pldm_msgbuf_insert_uint8(buf, (uint8_t)PLDM_STR_TYPE_ASCII);
pldm_msgbuf_insert_uint8(buf, activeCompVerStrLen);
- pldm_msgbuf_insert_array_char(buf, release_date, sizeof(release_date));
+ rc = pldm_msgbuf_insert_array_char(buf, sizeof(release_date), release_date,
+ sizeof(release_date));
+ ASSERT_EQ(rc, 0);
pldm_msgbuf_insert_uint32(buf, comparisonStamp);
pldm_msgbuf_insert_uint8(buf, (uint8_t)PLDM_STR_TYPE_ASCII);
pldm_msgbuf_insert_uint8(buf, pendingCompVerStrLen);
- pldm_msgbuf_insert_array_char(buf, release_date, sizeof(release_date));
+ rc = pldm_msgbuf_insert_array_char(buf, sizeof(release_date), release_date,
+ sizeof(release_date));
+ ASSERT_EQ(rc, 0);
pldm_msgbuf_insert_uint16(buf, compActivationMethods);
pldm_msgbuf_insert_uint32(buf, capabilitiesDuringUpdate);
- pldm_msgbuf_insert_array_char(buf, activeCompVerStr,
- sizeof(activeCompVerStr));
- pldm_msgbuf_insert_array_char(buf, pendingCompVerStr,
- sizeof(pendingCompVerStr));
+ rc = pldm_msgbuf_insert_array_char(
+ buf, activeCompVerStrLen, activeCompVerStr, sizeof(activeCompVerStr));
+ ASSERT_EQ(rc, 0);
+ rc = pldm_msgbuf_insert_array_char(buf, pendingCompVerStrLen,
+ pendingCompVerStr,
+ sizeof(pendingCompVerStr));
+ ASSERT_EQ(rc, 0);
variable_field rawData = {.ptr = responseMsg.data(),
.length = responseMsg.size()};