Merge pull request #252 from OpenKNX/fix-buffer-overflow

Fix buffer overflow
thelsing · Jul 13, 2023 · aa57fdf · aa57fdf
2 parents 48000b2 + 09985ea
commit aa57fdf
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/src/knx/application_layer.cpp b/src/knx/application_layer.cpp
@@ -84,20 +84,17 @@ void ApplicationLayer::dataGroupConfirm(AckType ack, HopCountType hopType, Prior
     case GroupValueRead:
         if (_savedAsapReadRequest > 0)
             _bau.groupValueReadLocalConfirm(ack, _savedAsapReadRequest, priority, hopType, secCtrl, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueRead has _savedAsapReadRequest = 0");
+        _savedAsapReadRequest = 0;
         break;
     case GroupValueResponse:
         if (_savedAsapResponse > 0)
             _bau.groupValueReadResponseConfirm(ack, _savedAsapResponse, priority, hopType, secCtrl, apdu.data(), apdu.length() - 1, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueResponse has _savedAsapResponse = 0");
+        _savedAsapResponse = 0;
         break;
     case GroupValueWrite:
         if (_savedAsapWriteRequest > 0)
             _bau.groupValueWriteLocalConfirm(ack, _savedAsapWriteRequest, priority, hopType, secCtrl, apdu.data(), apdu.length() - 1, status);
-        else 
-            println("dataGroupConfirm: APDU-Type GroupValueWrite has _savedAsapWriteRequest = 0");
+        _savedAsapWriteRequest = 0;
         break;
     default:
         print("datagroup-confirm: unhandled APDU-Type: ");

diff --git a/src/knx/tpuart_data_link_layer.cpp b/src/knx/tpuart_data_link_layer.cpp
@@ -97,12 +97,16 @@ enum {
 };
 
 #define EOP_TIMEOUT           2   //milli seconds; end of layer-2 packet gap
+#ifndef EOPR_TIMEOUT              // allow to set EOPR_TIMEOUT externally
 #define EOPR_TIMEOUT          8   //ms; relaxed EOP timeout; usally to trigger after NAK
+#endif
 #define CONFIRM_TIMEOUT       500  //milli seconds
 #define RESET_TIMEOUT         100 //milli seconds
 #define TX_TIMEPAUSE            0 // 0 means 1 milli seconds
 
-#define OVERRUN_COUNT           7 //bytes; max. allowed bytes in receive buffer (on start) to see it as overrun
+#ifndef OVERRUN_COUNT
+#define OVERRUN_COUNT          7 //bytes; max. allowed bytes in receive buffer (on start) to see it as overrun
+#endif
 
 // If this threshold is reached loop() goes into 
 // "hog mode" where it stays in loop() while L2 address reception