Fixed angle_compensate_nodes array overflow issue #10
salihmarangoz wants to merge 1 commit into Slamtec:master from salihmarangoz:salihmarangoz-patch-1
On A2, angle_compensate_nodes size is 720 but sometimes angle_value-angle_compensate_offset+j becomes equal to 720. This causes overflow at line 313.
Related to: #1
8548b73 to 934b402
| const int angle_compensate_nodes_count = 360*angle_compensate_multiple; | ||
| int angle_compensate_offset = 0; | ||
| rplidar_response_measurement_node_hq_t angle_compensate_nodes[angle_compensate_nodes_count]; | ||
| rplidar_response_measurement_node_hq_t angle_compensate_nodes[angle_compensate_nodes_count+8]; |
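Review bot: The `+8` on the `angle_compensate_nodes` declaration is an unexplained constant that enlarges the buffer instead of constraining the index, so any write more than 8 slots past `angle_compensate_nodes_count` still lands outside the array. Size the array from `angle_compensate_nodes_count` alone and bound the write index where it is computed (reject or wrap values `>= angle_compensate_nodes_count`); if padding is kept, derive it from a named quantity and say why in a comment.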
Why hardcode 8? I would understand 1, to add one more time the size of a rplidar_response_measurement_node_hq_t to the size of the memory space, but 8? This is not a pointer, and even if it was, this is an array on the stack, not a malloc-ed buffer, so the size is not counted the same by the language.
If 1 is not the correct option I don't know what is, but 8 is for sure not the right thing to write. The function being huge, it is hard to tell what is what, but there must be a variable or a formula that makes sense.
8 is not the right thing to write. Because I already spent a lot of time, I hate this but that's a solution at least.
Note: I have used Google's AddressSanitizer to detect the corruption. Valgrind or gdb didn't work for me.
I faced a similar issue today and it was fixed by a similar patch. I was running the node with an RPLidar A3 in Stability mode on a Raspi using the official USB module with the highest baudrate and it crashed consistently after a few seconds of running.
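An added example (not code from this PR or from the driver) of guarding the index expression quoted in the PR description instead of padding the array. The `Node` struct, the helper names and the sample values are assumptions, and the wrapping variant assumes slot 720 denotes the same bearing as slot 0.

```cpp
#include <cstddef>
#include <cstdio>

// Simplified stand-in for rplidar_response_measurement_node_hq_t (assumption).
struct Node { float angle_deg; float dist_mm; };

constexpr int kMultiple = 2;                  // A2 case from the PR text
constexpr int kNodesCount = 360 * kMultiple;  // 720 valid slots: 0..719

// Index expression with the same shape as the one quoted in the PR.
int raw_slot(int angle_value, int offset, int j) {
    return angle_value - offset + j;
}

// Option A: refuse any slot outside [0, kNodesCount).
bool checked_slot(int angle_value, int offset, int j, std::size_t* out) {
    int s = raw_slot(angle_value, offset, j);
    if (s < 0 || s >= kNodesCount) return false;
    *out = static_cast<std::size_t>(s);
    return true;
}

// Option B: treat the table as circular (assumes slot 720 means the same
// bearing as slot 0, i.e. 360 degrees wraps to 0 degrees).
std::size_t wrapped_slot(int angle_value, int offset, int j) {
    int s = raw_slot(angle_value, offset, j) % kNodesCount;
    if (s < 0) s += kNodesCount;
    return static_cast<std::size_t>(s);
}

// Write through the bounds check; returns false instead of writing past the end.
bool store(Node (&table)[kNodesCount], int angle_value, int offset, int j,
           const Node& n) {
    std::size_t s = 0;
    if (!checked_slot(angle_value, offset, j, &s)) return false;
    table[s] = n;
    return true;
}

int main() {
    static Node table[kNodesCount] = {};
    Node n{359.5f, 1200.0f};  // constructed sample measurement
    std::printf("raw=%d stored=%d wrapped=%zu\n", raw_slot(719, 0, 1),
                store(table, 719, 0, 1, n), wrapped_slot(719, 0, 1));
    return 0;
}
```

Building the real node with `-fsanitize=address`, the tool the author reports using, is what confirms that no remaining path writes past the table.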