From 2441206b580b86405eb50416f98a80578d1bf03c Mon Sep 17 00:00:00 2001 From: Michael West Date: Mon, 28 Oct 2013 12:35:46 -0700 Subject: CID 1104331: Fixed untrusted loop bound. CID 1104328: Fixed untrusted value as argument. CID 1104297: Removed dead code. --- host/lib/usrp/b200/b200_iface.cpp | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'host/lib') diff --git a/host/lib/usrp/b200/b200_iface.cpp b/host/lib/usrp/b200/b200_iface.cpp index 1d05e159c..457b380b6 100644 --- a/host/lib/usrp/b200/b200_iface.cpp +++ b/host/lib/usrp/b200/b200_iface.cpp @@ -158,6 +158,9 @@ bool parse_record(std::string *record, boost::uint16_t &len, \ std::istringstream(record->substr(3, 4)) >> std::hex >> addr; std::istringstream(record->substr(7, 2)) >> std::hex >> type; + if (len >2 * (record->length() - 9)) // sanity check to prevent buffer overrun + return false; + for (i = 0; i < len; i++) { std::istringstream(record->substr(9 + 2 * i, 2)) >> std::hex >> val; data[i] = (unsigned char) val; @@ -214,13 +217,13 @@ public: } - void write_i2c(boost::uint16_t addr, const byte_vector_t &bytes) + void write_i2c(boost::uint16_t addr __attribute__ ((unused)), const byte_vector_t &bytes __attribute__ ((unused))) { throw uhd::not_implemented_error("b200 write i2c"); } - byte_vector_t read_i2c(boost::uint16_t addr, size_t num_bytes) + byte_vector_t read_i2c(boost::uint16_t addr __attribute__ ((unused)), size_t num_bytes __attribute__ ((unused))) { throw uhd::not_implemented_error("b200 read i2c"); } @@ -293,7 +296,7 @@ public: } - void load_firmware(const std::string filestring, bool force = false) + void load_firmware(const std::string filestring, bool force __attribute__ ((unused)) = false) { const char *filename = filestring.c_str(); @@ -323,6 +326,9 @@ public: std::string record; file >> record; + if (!record.length() > 0) + continue; + /* Check for valid Intel HEX record. */ if (!checksum(&record) || !parse_record(&record, len, \ lower_address_bits, type, data)) { @@ -419,7 +425,9 @@ public: UHD_THROW_INVALID_CODE_PATH(); - fx3_control_write(B200_VREQ_FPGA_RESET, 0x00, 0x00, data, 4); + // Below is dead code as long as UHD_THROW_INVALID_CODE_PATH(); is declared above. + // It is preservered here in a comment in case it is needed later: + // fx3_control_write(B200_VREQ_FPGA_RESET, 0x00, 0x00, data, 4); } boost::uint8_t get_usb_speed(void) { -- cgit v1.2.3