You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2023/01/09 13:40:20 UTC

[GitHub] [nuttx] csanchezdll commented on a diff in pull request #8058: s32k1xx: avoid buffer overflow when CAN time is used for non-FD CAN.

csanchezdll commented on code in PR #8058:
URL: https://github.com/apache/nuttx/pull/8058#discussion_r1064650963


##########
arch/arm/src/s32k1xx/s32k1xx_flexcan.c:
##########
@@ -341,8 +341,8 @@ static struct s32k1xx_driver_s g_flexcan2;
 static uint8_t g_tx_pool[(sizeof(struct canfd_frame)+MSG_DATA)*POOL_SIZE];
 static uint8_t g_rx_pool[(sizeof(struct canfd_frame)+MSG_DATA)*POOL_SIZE];
 #else
-static uint8_t g_tx_pool[sizeof(struct can_frame)*POOL_SIZE];
-static uint8_t g_rx_pool[sizeof(struct can_frame)*POOL_SIZE];
+static uint8_t g_tx_pool[(sizeof(struct can_frame)+MSG_DATA)*POOL_SIZE];
+static uint8_t g_rx_pool[(sizeof(struct can_frame)+MSG_DATA)*POOL_SIZE];

Review Comment:
   Some drivers reserve it always, some reserve it conditionally. Actually, stm32 driver reserves that space only for CONFIG_NET_CAN_RAW_TX_DEADLINE, which causes a similar buffer overflow when CONFIG_NET_TIMESTAMP is used. Another colleague of mine was going to submit that patch for stm32, unsure about the current status. I prefer keeping things decoupled. But I can add the conditional definition of MSG_DATA for s32k1xx , if you prefer to include it here.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@nuttx.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org