Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / pldm / a6bf12079398a6eb91875aec28184939e493c4a3^! / . / libpldm / fru.h
commita6bf12079398a6eb91875aec28184939e493c4a3[log] [tgz]
authorZach Clark <zach@ibm.com>Thu Sep 30 13:20:13 2021 -0500
committerzach <zach@ibm.com>Fri Dec 03 05:11:23 2021 +0000
treeb661d0a6e226fa962a7492f7262140d8aa01b26f
parent3270209480773567ac4468c3eabd24726013543a [diff] [blame]
Define safe variant of decode_get_fru_record_table_resp

The decode_get_fru_record_table_resp API is difficult to use safely
because it doesn't perform bounds-checking on the size of the FRU
record table before copying into the caller-allocated buffer.

This commit defines the decode_get_fru_record_table_resp_safe function
which adds an extra parameter to facilitate bounds-checking.

Signed-off-by: Zach Clark <zach@ibm.com>
Change-Id: Ief93d93df8627f5c15862206b33a901fa7bd92a6
Signed-off-by: Zach Clark <zach@ibm.com>

diff --git a/libpldm/fru.h b/libpldm/fru.h
index 456c051..bb2f571 100644
--- a/libpldm/fru.h
+++ b/libpldm/fru.h

@@ -364,6 +364,31 @@
     uint32_t *next_data_transfer_handle, uint8_t *transfer_flag,
     uint8_t *fru_record_table_data, size_t *fru_record_table_length);
 
+/** @brief Decode GetFruRecordTable response data, ensuring that the fru
+ *         record table section is small enough to fit in the provided buffer.
+ *
+ *  @param[in] msg - Response message
+ *  @param[in] payload_length - Length of response message payload
+ *  @param[out] completion_code - Pointer to response msg's PLDM completion code
+ *  @param[out] next_data_transfer_handle - A handle used to identify the next
+ *  portion of the transfer
+ *  @param[out] transfer_flag - The transfer flag that indicates what part of
+ * the transfer this response represents
+ *  @param[out] fru_record_table_data - This data is a portion of the overall
+ * FRU Record Table
+ *  @param[out] fru_record_table_length - Length of the FRU record table data
+ *  @param[in] max_fru_record_table_length - Maximum length of the FRU record
+ * table data. If the response contains more data than this,
+ * return PLDM_ERROR_INVALID_LENGTH.
+ *  @return pldm_completion_codes
+ */
+
+int decode_get_fru_record_table_resp_safe(
+    const struct pldm_msg *msg, size_t payload_length, uint8_t *completion_code,
+    uint32_t *next_data_transfer_handle, uint8_t *transfer_flag,
+    uint8_t *fru_record_table_data, size_t *fru_record_table_length,
+    size_t max_fru_record_table_length);
+
 /** @brief Encode the FRU record in the FRU table
  *
  *  @param[in/out] fru_table - Pointer to the FRU table