msgbuf: Harden pldm_msgbuf_{insert,extract}_array()
Review of some proposed APIs suggested that correct use of the
pldm_msgbuf_{insert,extract}_array() helpers was more difficult that it
should be. In the three-parameter form, it was too tempting to provide
the length to extract as parsed out of a PLDM message. The intended
use was that the length parameter represented the length of the
user-provided data buffer.
Instead, move to a four-parameter form, provide reasonable documentation
for how these APIs should be used, fix all the call-sites, and deprecate
some existing unsafe APIs.
Change-Id: If58e5574600e80b354f383554283c4eda5d7234c
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
diff --git a/tests/msgbuf_generic.c b/tests/msgbuf_generic.c
index 96b3bb5..32b9ed9 100644
--- a/tests/msgbuf_generic.c
+++ b/tests/msgbuf_generic.c
@@ -139,7 +139,7 @@
expect(pldm_msgbuf_init_cc(ctx, sizeof(buf), buf, sizeof(buf)) ==
PLDM_SUCCESS);
- expect(pldm_msgbuf_extract_array(ctx, arr, 1) == PLDM_SUCCESS);
+ expect(pldm_msgbuf_extract_array(ctx, 1, arr, 1) == PLDM_SUCCESS);
expect(arr[0] == 0);
expect(pldm_msgbuf_destroy(ctx) == PLDM_SUCCESS);
}
@@ -291,15 +291,16 @@
uint8_t retBuff[6] = {0};
expect(pldm_msgbuf_init_cc(ctx, 0, buf, sizeof(buf)) == PLDM_SUCCESS);
- expect(pldm_msgbuf_insert_array(ctx, src, sizeof(src)) == PLDM_SUCCESS);
+ expect(pldm_msgbuf_insert_array(ctx, sizeof(src), src, sizeof(src)) ==
+ PLDM_SUCCESS);
struct pldm_msgbuf _ctxExtract;
struct pldm_msgbuf* ctxExtract = &_ctxExtract;
expect(pldm_msgbuf_init_cc(ctxExtract, 0, buf, sizeof(buf)) ==
PLDM_SUCCESS);
- expect(pldm_msgbuf_extract_array(ctxExtract, retBuff, sizeof(retBuff)) ==
- PLDM_SUCCESS);
+ expect(pldm_msgbuf_extract_array(ctxExtract, sizeof(retBuff), retBuff,
+ sizeof(retBuff)) == PLDM_SUCCESS);
expect(memcmp(src, retBuff, sizeof(retBuff)) == 0);
expect(pldm_msgbuf_destroy(ctxExtract) == PLDM_SUCCESS);