Check remaining size before resizing sequences (#130)

* Check remaining size before resizing sequences

Signed-off-by: Miguel Company <[email protected]>

* Avoid linter complaining of too long function.

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Miguel Company <[email protected]>

Author: MiguelCompany

rosidl_typesupport_fastrtps_c/resource/msg__type_support_c.cpp.em

@@ -356,6 +356,16 @@ else:
     uint32_t cdrSize;
     cdr >> cdrSize;
     size_t size = static_cast<size_t>(cdrSize);
+
+    // Check there are at least 'size' remaining bytes in the CDR stream before resizing
+    auto old_state = cdr.get_state();
+    bool correct_size = cdr.jump(size);
+    cdr.set_state(old_state);
+    if (!correct_size) {
+      fprintf(stderr, "sequence size exceeds remaining buffer\n");
+      return false;
+    }
+
     if (ros_message->@(member.name).data) {
       @(array_fini)(&ros_message->@(member.name));
     }

rosidl_typesupport_fastrtps_cpp/resource/msg__type_support.cpp.em

@@ -235,6 +235,16 @@ cdr_deserialize(
     uint32_t cdrSize;
     cdr >> cdrSize;
     size_t size = static_cast<size_t>(cdrSize);
+
+    // Check there are at least 'size' remaining bytes in the CDR stream before resizing
+    auto old_state = cdr.get_state();
+    bool correct_size = cdr.jump(size);
+    cdr.set_state(old_state);
+    if (!correct_size) {
+      fprintf(stderr, "sequence size exceeds remaining buffer\n");
+      return false;
+    }
+
     ros_message.@(member.name).resize(size);
 @[        if isinstance(member.type.value_type, BasicType) and member.type.value_type.typename not in ('boolean', 'wchar')]@
     if (size > 0) {
@@ -296,7 +306,7 @@ cdr_deserialize(
 
 @[end for]@
   return true;
-}
+}  // NOLINT(readability/fn_size)
 
 @{