Fix decode getStateSensorReadings resp command
Logically, first parse the response data and verify the validity of
the comp_sensor_count value, and then verify whether the length of
the response data is correct.
Tested: Used raw commond and test passed.
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I9369474e44891088efc46dcdc3194d88cc13f35f
diff --git a/libpldm/platform.c b/libpldm/platform.c
index bc45ae0..d935edd 100644
--- a/libpldm/platform.c
+++ b/libpldm/platform.c
@@ -649,12 +649,6 @@
return PLDM_SUCCESS;
}
- if (payload_length >
- PLDM_GET_STATE_SENSOR_READINGS_MIN_RESP_BYTES +
- sizeof(get_sensor_state_field) * *comp_sensor_count) {
- return PLDM_ERROR_INVALID_LENGTH;
- }
-
struct pldm_get_state_sensor_readings_resp *response =
(struct pldm_get_state_sensor_readings_resp *)msg->payload;
@@ -662,9 +656,13 @@
response->comp_sensor_count > 0x8) {
return PLDM_ERROR_INVALID_DATA;
}
- if (response->comp_sensor_count > *comp_sensor_count) {
+
+ if (payload_length >
+ PLDM_GET_STATE_SENSOR_READINGS_MIN_RESP_BYTES +
+ sizeof(get_sensor_state_field) * response->comp_sensor_count) {
return PLDM_ERROR_INVALID_LENGTH;
}
+
*comp_sensor_count = response->comp_sensor_count;
memcpy(field, response->field,