
Commit e940259

authored
Merge pull request thomas-v2#47 from juwalter/master
S7p: Fix buffer length checks in decoding methods
2 parents fc946aa + 8e1a7e2 commit e940259


1 file changed

+24
-12
lines changed

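--- a/src/S7CommPlusDriver/Core/S7p.cs
+++ b/src/S7CommPlusDriver/Core/S7p.cs
@@ -87,7 +87,7 @@ public static int EncodeInt64(System.IO.Stream buffer, Int64 value)
 
 public static int DecodeByte(System.IO.Stream buffer, out byte value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 1)
 {
 value = 0;
 return 0;
@@ -98,7 +98,7 @@ public static int DecodeByte(System.IO.Stream buffer, out byte value)
 
 public static int DecodeUInt16(System.IO.Stream buffer, out UInt16 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 2)
 {
 value = 0;
 return 0;
@@ -110,7 +110,7 @@ public static int DecodeUInt16(System.IO.Stream buffer, out UInt16 value)
 // Little Endian
 public static int DecodeUInt16LE(System.IO.Stream buffer, out UInt16 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 2)
 {
 value = 0;
 return 0;
@@ -121,7 +121,7 @@ public static int DecodeUInt16LE(System.IO.Stream buffer, out UInt16 value)
 
 public static int DecodeInt16(System.IO.Stream buffer, out Int16 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 2)
 {
 value = 0;
 return 0;
@@ -132,7 +132,7 @@ public static int DecodeInt16(System.IO.Stream buffer, out Int16 value)
 
 public static int DecodeUInt32(System.IO.Stream buffer, out UInt32 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 4)
 {
 value = 0;
 return 0;
@@ -144,7 +144,7 @@ public static int DecodeUInt32(System.IO.Stream buffer, out UInt32 value)
 // Little Endian
 public static int DecodeUInt32LE(System.IO.Stream buffer, out UInt32 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 4)
 {
 value = 0;
 return 0;
@@ -156,7 +156,7 @@ public static int DecodeUInt32LE(System.IO.Stream buffer, out UInt32 value)
 // Little Endian
 public static int DecodeInt32LE(System.IO.Stream buffer, out Int32 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 4)
 {
 value = 0;
 return 0;
@@ -167,7 +167,7 @@ public static int DecodeInt32LE(System.IO.Stream buffer, out Int32 value)
 
 public static int DecodeInt32(System.IO.Stream buffer, out Int32 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 4)
 {
 value = 0;
 return 0;
@@ -178,7 +178,7 @@ public static int DecodeInt32(System.IO.Stream buffer, out Int32 value)
 
 public static int DecodeUInt64(System.IO.Stream buffer, out UInt64 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 8)
 {
 value = 0;
 return 0;
@@ -192,7 +192,7 @@ public static int DecodeUInt64(System.IO.Stream buffer, out UInt64 value)
 
 public static int DecodeInt64(System.IO.Stream buffer, out Int64 value)
 {
-if (buffer.Position >= buffer.Length)
+if (buffer.Length - buffer.Position < 8)
 {
 value = 0;
 return 0;
@@ -600,6 +600,11 @@ public static int EncodeWString(System.IO.Stream buffer, string value)
 
 public static int DecodeWString(System.IO.Stream buffer, int length, out string value)
 {
+if (buffer.Length - buffer.Position < length)
+{
+value = string.Empty;
+return 0;
+}
 byte[] tmp = new byte[length];
 buffer.Read(tmp, 0, length);
 value = Encoding.UTF8.GetString(tmp);
@@ -615,7 +620,7 @@ public static int EncodeOctets(System.IO.Stream buffer, byte[] value)
 
 public static int DecodeOctets(System.IO.Stream buffer, int length, out byte[] value)
 {
-if (length <= 0)
+if (length <= 0 || buffer.Length - buffer.Position < length)
 {
 value = null;
 return 0;
@@ -715,7 +720,14 @@ public static int DecodeObject(System.IO.Stream buffer, ref PObject obj, bool As
 
 public static int DecodeHeader(System.IO.Stream buffer, out byte version, out UInt16 length)
 {
-buffer.ReadByte();
+if (buffer.Length - buffer.Position < 4)
+{
+version = 0;
+length = 0;
+return 0;
+}
+
+buffer.ReadByte(); // Skip one byte (purpose unclear)
 version = (byte)buffer.ReadByte();
 DecodeUInt16(buffer, out length);
 return 4;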
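Review bot: The new guard in DecodeWString still lets a negative `length` through: the remaining-byte count is never negative, so `buffer.Length - buffer.Position < length` is false and `new byte[length]` throws instead of returning 0. DecodeOctets in this same commit already rejects `length <= 0`, so the matching guard here would be `if (length < 0 || buffer.Length - buffer.Position < length)`. If `length` comes from a field of the received frame (the caller is not visible here), a malformed packet can trigger that exception. The return value of `buffer.Read(tmp, 0, length)` is also still ignored, and the rest of the function lies outside the hunk. It would also help to document on these decoders that a return of 0 means "not enough data" and that `value` is then a placeholder, so callers know to check it before use.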
