Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / libpldm / 0a1be3cb905e5dea298033d91457f86361b0b418^! / . / tests / dsp / firmware_update.cpp
commit0a1be3cb905e5dea298033d91457f86361b0b418[log] [tgz]
authorAndrew Jeffery <andrew@codeconstruct.com.au>Sun Aug 11 08:34:10 2024 +0000
committerAndrew Jeffery <andrew@codeconstruct.com.au>Wed Sep 04 07:54:14 2024 +0200
treeeaf5077ecf3f6a5d95ca8671488459e411b3a7f4
parentcb569bc558887b9500432c8a7b987b185e5cf6fc [diff] [blame]
msgbuf: Harden pldm_msgbuf_{insert,extract}_array()

Review of some proposed APIs suggested that correct use of the
pldm_msgbuf_{insert,extract}_array() helpers was more difficult that it
should be. In the three-parameter form, it was too tempting to provide
the length to extract as parsed out of a PLDM message. The intended
use was that the length parameter represented the length of the
user-provided data buffer.

Instead, move to a four-parameter form, provide reasonable documentation
for how these APIs should be used, fix all the call-sites, and deprecate
some existing unsafe APIs.

Change-Id: If58e5574600e80b354f383554283c4eda5d7234c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

diff --git a/tests/dsp/firmware_update.cpp b/tests/dsp/firmware_update.cpp
index 8e96708..e21daf0 100644
--- a/tests/dsp/firmware_update.cpp
+++ b/tests/dsp/firmware_update.cpp

@@ -1940,17 +1940,24 @@
     pldm_msgbuf_insert_uint32(buf, comparisonStamp);
     pldm_msgbuf_insert_uint8(buf, (uint8_t)PLDM_STR_TYPE_ASCII);
     pldm_msgbuf_insert_uint8(buf, activeCompVerStrLen);
-    pldm_msgbuf_insert_array_char(buf, release_date, sizeof(release_date));
+    rc = pldm_msgbuf_insert_array_char(buf, sizeof(release_date), release_date,
+                                       sizeof(release_date));
+    ASSERT_EQ(rc, 0);
     pldm_msgbuf_insert_uint32(buf, comparisonStamp);
     pldm_msgbuf_insert_uint8(buf, (uint8_t)PLDM_STR_TYPE_ASCII);
     pldm_msgbuf_insert_uint8(buf, pendingCompVerStrLen);
-    pldm_msgbuf_insert_array_char(buf, release_date, sizeof(release_date));
+    rc = pldm_msgbuf_insert_array_char(buf, sizeof(release_date), release_date,
+                                       sizeof(release_date));
+    ASSERT_EQ(rc, 0);
     pldm_msgbuf_insert_uint16(buf, compActivationMethods);
     pldm_msgbuf_insert_uint32(buf, capabilitiesDuringUpdate);
-    pldm_msgbuf_insert_array_char(buf, activeCompVerStr,
-                                  sizeof(activeCompVerStr));
-    pldm_msgbuf_insert_array_char(buf, pendingCompVerStr,
-                                  sizeof(pendingCompVerStr));
+    rc = pldm_msgbuf_insert_array_char(
+        buf, activeCompVerStrLen, activeCompVerStr, sizeof(activeCompVerStr));
+    ASSERT_EQ(rc, 0);
+    rc = pldm_msgbuf_insert_array_char(buf, pendingCompVerStrLen,
+                                       pendingCompVerStr,
+                                       sizeof(pendingCompVerStr));
+    ASSERT_EQ(rc, 0);
 
     variable_field rawData = {.ptr = responseMsg.data(),
                               .length = responseMsg.size()};