Commit 9903acd

committed
Add buffer checks
1 parent a93cc45 commit 9903acd

1 file changed

+69
-12
lines changed

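--- a/drivers/focuser/celestron.cpp
+++ b/drivers/focuser/celestron.cpp
@@ -182,12 +182,33 @@ bool CelestronSCT::Ack()
 if (!communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::GET_VER, reply))
 return false;
 
-if (reply.size() == 4)
+// Check minimum size for firmware version
+if (reply.empty())
 {
-LOGF_INFO("Firmware Version %i.%i.%i", reply[0], reply [1], (reply[2] << 8) + reply[3]);
+LOG_ERROR("Empty response from focuser");
+return false;
+}
+
+// Ensure we have at least 2 bytes for major.minor version
+if (reply.size() < 2)
+{
+LOG_ERROR("Incomplete firmware version response");
+return false;
+}
+
+if (reply.size() >= 4)
+{
+// Full version with build number
+uint16_t build = (reply[2] << 8);
+if (reply.size() > 4)
+build += reply[3];
+LOGF_INFO("Firmware Version %d.%d.%d", reply[0], reply[1], build);
 }
 else
-LOGF_INFO("Firmware Version %i.%i", reply[0], reply [1]);
+{
+// Just major.minor version
+LOGF_INFO("Firmware Version %d.%d", reply[0], reply[1]);
+}
 return true;
 }
 
@@ -197,32 +218,57 @@ bool CelestronSCT::readPosition()
 if (!communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::MC_GET_POSITION, reply))
 return false;
 
+// Position response should be 3 bytes
+if (reply.size() < 3)
+{
+LOG_ERROR("Invalid position response size");
+return false;
+}
+
 int truePos = (reply[0] << 16) + (reply[1] << 8) + reply[2];
-LOGF_DEBUG("True Position %i", truePos);
+LOGF_DEBUG("True Position %d", truePos);
 FocusAbsPosN[0].value = absPos(truePos);
 return true;
 }
 
 bool CelestronSCT::isMoving()
 {
-Aux::buffer reply(1);
+Aux::buffer reply;
 if (!communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::MC_SLEW_DONE, reply))
+{
+LOG_ERROR("Failed to get motion status");
+return false;
+}
+
+if (reply.empty())
+{
+LOG_ERROR("Empty motion status response");
 return false;
+}
+
 return reply[0] != static_cast<uint8_t>(0xFF);
 }
 
 // read the focuser limits from the hardware
 bool CelestronSCT::readLimits()
 {
-Aux::buffer reply(8);
+Aux::buffer reply;
 if(!communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::FOC_GET_HS_POSITIONS, reply))
 return false;
 
+// Limits response should be 8 bytes (4 bytes each for min and max positions)
+if (reply.size() < 8)
+{
+LOG_ERROR("Invalid limits response size");
+return false;
+}
+
 truePosMin = (reply[0] << 24) + (reply[1] << 16) + (reply[2] << 8) + reply[3];
 truePosMax = (reply[4] << 24) + (reply[5] << 16) + (reply[6] << 8) + reply[7];
 
 // check on integrity of values
-if (truePosMax <= truePosMin){
+if (truePosMax <= truePosMin)
+{
 focuserIsCalibrated = false;
 LOGF_INFO("Focus range %i to %i invalid", truePosMin, truePosMax);
 return false;
@@ -232,7 +278,7 @@ bool CelestronSCT::readLimits()
 FocusAbsPosN[0].max = FocusMaxPosN[0].value = absPos(truePosMin);
 FocusAbsPosNP.s = IPS_OK;
 FocusMaxPosNP.s = IPS_OK;
-IUUpdateMinMax(&FocusAbsPosNP);
+IUUpdateMinMax(&FocusAbsPosNP);
 IDSetNumber(&FocusMaxPosNP, nullptr);
 
 // FocusMinPosN[0].value = lo;
@@ -332,8 +378,8 @@ IPState CelestronSCT::MoveAbsFocuser(uint32_t targetTicks)
 
 // the focuser seems happy to move 500 steps past the soft limit so don't check backlash
 if (targetTicks > FocusMaxPosN[0].value)
-// targetTicks < FocusMinPosN[0].value)
-
+// targetTicks < FocusMinPosN[0].value)
+
 {
 LOGF_ERROR("Move to %i not allowed because it is out of range", targetTicks);
 return IPS_ALERT;
@@ -442,7 +488,19 @@ void CelestronSCT::TimerHit()
 usleep(500000); // slowing things down while calibrating seems to help
 // check the calibration state
 Aux::buffer reply;
-communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::FOC_CALIB_DONE, reply);
+if (!communicator.sendCommand(PortFD, Aux::Target::FOCUSER, Aux::Command::FOC_CALIB_DONE, reply))
+{
+LOG_ERROR("Failed to get calibration status");
+return;
+}
+
+// Need at least 2 bytes for complete flag and state
+if (reply.size() < 2)
+{
+LOG_ERROR("Invalid calibration status response size");
+return;
+}
+
 bool complete = reply[0] > 0;
 int state = reply[1];
 
@@ -499,4 +557,3 @@ bool CelestronSCT::SetFocuserBacklash(int32_t steps)
 INDI_UNUSED(steps);
 return true;
 }
-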
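Review bot: In the `Ack()` hunk the inner test `if (reply.size() > 4)` is off by one, so a four-byte reply now logs the build number as `reply[2] << 8` with the low byte `reply[3]` dropped. The removed code decoded exactly that length in full. The enclosing `if (reply.size() >= 4)` already guarantees index 3 is in bounds, so the inner guard adds no safety and can be replaced by `uint16_t build = (reply[2] << 8) | reply[3];`. A one-line comment there such as `// size() >= 4 checked above, so reply[3] is valid` would keep the bounds reasoning next to the indexing. `Ack()` begins above the hunk, so how `reply` is declared is not visible here.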
