Skip to content

Fix broken HIDPowerDevice_::sendDate method #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Fix broken HIDPowerDevice_::sendDate method #28

wants to merge 4 commits into from

Conversation

forderud
Copy link
Contributor

@forderud forderud commented Oct 14, 2024
edited
Loading

See #29 for an alternative proposal.

The method currently uses a local bval variable as argument when calling HID().SendReport(...). This is problematic, since the SendReport method doesn't use bval immediately. It instead captures a pointer to bval which is accessed when the report is sent at a later point. This leads to a use-after-free situation when the pointer captured by SendReport no longer point to bval, but some other unknown data.

Propose to fix the issue by introducing a new iManufacturerDate member in the HIDPowerDevice class to act as persistent storage for the date value.

Also, change HIDPowerDevice_::sendDate to send the date as a FEATURE report instead of a INPUT report, so that it matches the ManufacturerDate parameter in the HID descriptor. This is also required in order for the date to be picked up on Windows.

@forderud forderud force-pushed the sendDate-fix branch 2 times, most recently from a4288f4 to 71c2682 Compare October 14, 2024 10:55
@forderud forderud mentioned this pull request Oct 15, 2024
Open
@forderud
Copy link
Contributor Author

forderud commented Jan 11, 2025
edited
Loading

@abratchik Would it be possible for you to take a look at either this PR or #29?

I've already tested the change locally.

@forderud
Fix broken HIDPowerDevice_::sendDate method
ac83334 
The method currently uses a local "bval" variable as argument when calling HID().SendReport(...). This is problematic, since the SendReport method doesn't use "bval" immediately. It instead captures a pointer to "bval" which is accessed when the report is sent at a later point. This leads to a use-after-free situation when the pointer captured by SendReport may no longer point to "bval".

Propose to fix the issue by introducing a new "iManufacturerDate" member in the HIDPowerDevice class to act as persistent storage for the date value.
@forderud
Change HIDPowerDevice_::sendDate to send the date as a FEATURE report…
770ecec 
… instead of a INPUT report, so that it matches the ManufacturerDate parameter in the HID descriptor. This is also required in order for the date to be picked up on Windows.
@forderud
Switch to using HIDPowerDevice_::sendDate method now that the method …
d91f51d 
…have been fixed.
@forderud
Change sendDate method to "int sendManufacturerDate(uint16_t year, ui…
8bbade6 
…nt8_t month, uint8_t day)" since it's anyhow tied to the ManufacturerDate parameter.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@forderud