gdb_main: Fix remaining length calculation for 'X' 'M' and 'vFlashWrite'
When removing use of sscanf from gdb_main the calculation of the length
of the remaining data portion of the 'X', 'M', and 'vFlashWrite' packet
types was done wrongly. The difference between the start of data pointer
and start of buffer pointer was reversed resulting in adding this to the
total length rather than subtracting it.  For the 'X' and 'M' packets
this causes them to accept lengths longer than the supplied data but
correct packets would still function as expected. For the 'vFlashWrite'
packet the length passed to the flash write function was about 8 larger
than it should have been which could cause problems.

The calculation of the data length portion of the packets has been
corrected so all three now work as expected.
OmniTechnoMancer authored and OmniTechnoMancer committed Apr 21, 2024
1 parent ef55d1a commit 46cff02
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/gdb_main.c
Expand Up @@ -168,7 +168,7 @@ int32_t gdb_main_loop(target_controller_s *tc, char *pbuf, size_t pbuf_size, siz
uint32_t len = 0;
ERROR_IF_NO_TARGET();
if (read_hex32(pbuf + 1, &rest, &addr, ',') && read_hex32(rest, &rest, &len, ':')) {
if (len > (size - (size_t)(pbuf - rest)) / 2U) {
if (len > (size - (size_t)(rest - pbuf)) / 2U) {
gdb_putpacketz("E02");
break;
}
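Review bot: The corrected check `len > (size - (size_t)(rest - pbuf)) / 2U` still performs an unsigned subtraction with no guard, so it wraps to a very large value if `rest - pbuf` is ever greater than `size`, and `read_hex32` as called here is given no length that would bound `rest`. Consider storing the header length in a local, for example `const size_t header_len = (size_t)(rest - pbuf);`, and replying `E02` when `header_len > size` before comparing `len` against the remaining bytes. A short comment that the division by two accounts for the hex-encoded payload would also make the intent of the bound clear.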
Expand Down Expand Up @@ -344,7 +344,7 @@ int32_t gdb_main_loop(target_controller_s *tc, char *pbuf, size_t pbuf_size, siz
uint32_t addr, len;
ERROR_IF_NO_TARGET();
if (read_hex32(pbuf + 1, &rest, &addr, ',') && read_hex32(rest, &rest, &len, ':')) {
if (len > (size - (size_t)(pbuf - rest))) {
if (len > (size - (size_t)(rest - pbuf))) {
gdb_putpacketz("E02");
break;
}
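Review bot: The bound `len > (size - (size_t)(rest - pbuf))` repeats the expression from the hunk at line 168, differing only in the missing `/ 2U`, and the reversed operands were copied into both places in the first place. A small helper that returns the number of payload bytes remaining after `rest` would keep the packet handlers in sync and give one place to document the calculation and to reject a header that runs past `size`. A test that sends a packet whose declared `len` is one larger than the supplied data would catch this class of mistake if the expression is touched again.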
Expand Down Expand Up @@ -789,7 +789,7 @@ static void exec_v_flash_write(const char *packet, const size_t length)
const char *rest = NULL;
if (read_hex32(packet, &rest, &addr, ':')) {
/* Write Flash Memory */
const uint32_t count = length - (packet - rest);
const uint32_t count = length - (size_t)(rest - packet);
DEBUG_GDB("Flash Write %08" PRIX32 " %08" PRIX32 "\n", addr, count);
if (cur_target && target_flash_write(cur_target, addr, (uint8_t *)rest, count))
gdb_putpacketz("OK");
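Review bot: Unlike the two handlers in `gdb_main_loop`, `count = length - (size_t)(rest - packet)` is passed to `target_flash_write` without any check, so if the parsed address field ever ends beyond `length` the subtraction wraps and a very large `count` reaches the flash write. Please add a guard such as `if ((size_t)(rest - packet) > length)` that sends an error reply before the write is attempted. The result is also narrowed implicitly from `size_t` to `uint32_t`; an explicit cast after the bounds check would make that intentional.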