From c6dafadab44f8336baf414e28e40a6572e0c97f2 Mon Sep 17 00:00:00 2001 From: Matt Woodward Date: Tue, 21 Nov 2023 13:08:02 +1100 Subject: [PATCH] Fix decoding of truncated messages containing variable length arrays --- c/src/v4/acquisition.c | 7 +++ c/src/v4/file_io.c | 6 +++ c/src/v4/flash.c | 3 ++ c/src/v4/integrity.c | 15 ++++++ c/src/v4/logging.c | 3 ++ c/src/v4/observation.c | 23 +++++++++ c/src/v4/piksi.c | 12 +++++ c/src/v4/signing.c | 21 +++++++++ c/src/v4/solution_meta.c | 8 ++++ c/src/v4/ssr.c | 47 +++++++++++++++++++ c/src/v4/system.c | 10 ++++ c/src/v4/telemetry.c | 3 ++ c/src/v4/tracking.c | 15 ++++++ c/src/v4/user.c | 3 ++ .../resources/c/src/sbp_messages_template.c | 3 ++ 15 files changed, 179 insertions(+) diff --git a/c/src/v4/acquisition.c b/c/src/v4/acquisition.c index 25a486d22e..f55d72ff94 100644 --- a/c/src/v4/acquisition.c +++ b/c/src/v4/acquisition.c @@ -822,6 +822,9 @@ s8 sbp_msg_acq_sv_profile_encode(uint8_t *buf, uint8_t len, uint8_t *n_written, bool sbp_msg_acq_sv_profile_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_acq_sv_profile_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_ACQ_SV_PROFILE_ENCODED_LEN) != 0) { + return false; + } msg->n_acq_sv_profile = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ACQ_SV_PROFILE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_acq_sv_profile; i++) { @@ -904,6 +907,10 @@ s8 sbp_msg_acq_sv_profile_dep_encode(uint8_t *buf, uint8_t len, bool sbp_msg_acq_sv_profile_dep_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_acq_sv_profile_dep_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_ACQ_SV_PROFILE_DEP_ENCODED_LEN) != + 0) { + return false; + } msg->n_acq_sv_profile = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ACQ_SV_PROFILE_DEP_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_acq_sv_profile; i++) { diff --git a/c/src/v4/file_io.c b/c/src/v4/file_io.c index 659a2d3577..c88e9b775b 100644 --- a/c/src/v4/file_io.c +++ b/c/src/v4/file_io.c @@ -257,6 +257,9 @@ bool sbp_msg_fileio_read_resp_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u32_decode(ctx, &msg->sequence)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_contents = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_contents; i++) { @@ -1009,6 +1012,9 @@ bool sbp_msg_fileio_write_req_decode_internal(sbp_decode_ctx_t *ctx, &msg->filename, SBP_MSG_FILEIO_WRITE_REQ_FILENAME_MAX, ctx)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_data = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_data; i++) { if (!sbp_u8_decode(ctx, &msg->data[i])) { diff --git a/c/src/v4/flash.c b/c/src/v4/flash.c index 6ba7deb9e8..0750a8945d 100644 --- a/c/src/v4/flash.c +++ b/c/src/v4/flash.c @@ -65,6 +65,9 @@ bool sbp_msg_flash_program_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u8_decode(ctx, &msg->addr_len)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->addr_len = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->addr_len; i++) { if (!sbp_u8_decode(ctx, &msg->data[i])) { diff --git a/c/src/v4/integrity.c b/c/src/v4/integrity.c index 41a45a5149..c5435157ee 100644 --- a/c/src/v4/integrity.c +++ b/c/src/v4/integrity.c @@ -435,6 +435,9 @@ bool sbp_msg_ssr_flag_satellites_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_faulty_sats)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_faulty_sats = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_faulty_sats; i++) { @@ -564,6 +567,9 @@ bool sbp_msg_ssr_flag_tropo_grid_points_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_faulty_points)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U16) != 0) { + return false; + } msg->n_faulty_points = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U16); for (uint8_t i = 0; i < msg->n_faulty_points; i++) { @@ -669,6 +675,9 @@ bool sbp_msg_ssr_flag_iono_grid_points_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_faulty_points)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U16) != 0) { + return false; + } msg->n_faulty_points = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U16); for (uint8_t i = 0; i < msg->n_faulty_points; i++) { @@ -774,6 +783,9 @@ bool sbp_msg_ssr_flag_iono_tile_sat_los_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_faulty_los)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SV_ID_ENCODED_LEN) != 0) { + return false; + } msg->n_faulty_los = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SV_ID_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_faulty_los; i++) { @@ -886,6 +898,9 @@ bool sbp_msg_ssr_flag_iono_grid_point_sat_los_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_faulty_los)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SV_ID_ENCODED_LEN) != 0) { + return false; + } msg->n_faulty_los = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SV_ID_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_faulty_los; i++) { diff --git a/c/src/v4/logging.c b/c/src/v4/logging.c index 72113d780e..3c18cce602 100644 --- a/c/src/v4/logging.c +++ b/c/src/v4/logging.c @@ -208,6 +208,9 @@ bool sbp_msg_fwd_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_fwd_t *msg) { if (!sbp_u8_decode(ctx, &msg->protocol)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_fwd_payload = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_fwd_payload; i++) { diff --git a/c/src/v4/observation.c b/c/src/v4/observation.c index f7e3c30f5c..967b3eea5d 100644 --- a/c/src/v4/observation.c +++ b/c/src/v4/observation.c @@ -442,6 +442,10 @@ bool sbp_msg_obs_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_obs_t *msg) { if (!sbp_observation_header_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_PACKED_OBS_CONTENT_ENCODED_LEN) != + 0) { + return false; + } msg->n_obs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PACKED_OBS_CONTENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_obs; i++) { @@ -6486,6 +6490,10 @@ bool sbp_msg_obs_dep_a_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_observation_header_dep_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % + SBP_PACKED_OBS_CONTENT_DEP_A_ENCODED_LEN) != 0) { + return false; + } msg->n_obs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PACKED_OBS_CONTENT_DEP_A_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_obs; i++) { @@ -6577,6 +6585,10 @@ bool sbp_msg_obs_dep_b_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_observation_header_dep_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % + SBP_PACKED_OBS_CONTENT_DEP_B_ENCODED_LEN) != 0) { + return false; + } msg->n_obs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PACKED_OBS_CONTENT_DEP_B_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_obs; i++) { @@ -6668,6 +6680,10 @@ bool sbp_msg_obs_dep_c_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_observation_header_dep_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % + SBP_PACKED_OBS_CONTENT_DEP_C_ENCODED_LEN) != 0) { + return false; + } msg->n_obs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PACKED_OBS_CONTENT_DEP_C_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_obs; i++) { @@ -8726,6 +8742,9 @@ s8 sbp_msg_sv_az_el_encode(uint8_t *buf, uint8_t len, uint8_t *n_written, bool sbp_msg_sv_az_el_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_sv_az_el_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_SV_AZ_EL_ENCODED_LEN) != 0) { + return false; + } msg->n_azel = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SV_AZ_EL_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_azel; i++) { @@ -8809,6 +8828,10 @@ bool sbp_msg_osr_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_osr_t *msg) { if (!sbp_observation_header_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_PACKED_OSR_CONTENT_ENCODED_LEN) != + 0) { + return false; + } msg->n_obs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PACKED_OSR_CONTENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_obs; i++) { diff --git a/c/src/v4/piksi.c b/c/src/v4/piksi.c index dd83a64ab9..87160dccdb 100644 --- a/c/src/v4/piksi.c +++ b/c/src/v4/piksi.c @@ -2323,6 +2323,9 @@ s8 sbp_msg_network_bandwidth_usage_encode( bool sbp_msg_network_bandwidth_usage_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_network_bandwidth_usage_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_NETWORK_USAGE_ENCODED_LEN) != 0) { + return false; + } msg->n_interfaces = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_NETWORK_USAGE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_interfaces; i++) { @@ -2418,6 +2421,9 @@ bool sbp_msg_cell_modem_status_decode_internal( if (!sbp_float_decode(ctx, &msg->signal_error_rate)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_reserved = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_reserved; i++) { @@ -2545,6 +2551,9 @@ bool sbp_msg_specan_dep_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_float_decode(ctx, &msg->amplitude_unit)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_amplitude_value = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_amplitude_value; i++) { @@ -2691,6 +2700,9 @@ bool sbp_msg_specan_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_float_decode(ctx, &msg->amplitude_unit)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_amplitude_value = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_amplitude_value; i++) { diff --git a/c/src/v4/signing.c b/c/src/v4/signing.c index d449e2c24b..27f5d2ffc2 100644 --- a/c/src/v4/signing.c +++ b/c/src/v4/signing.c @@ -261,6 +261,9 @@ bool sbp_msg_ecdsa_certificate_decode_internal( if (!sbp_u8_decode(ctx, &msg->flags)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_certificate_bytes = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_certificate_bytes; i++) { @@ -699,6 +702,9 @@ bool sbp_msg_ecdsa_signature_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_ecdsa_signature_decode_internal(ctx, &msg->signature)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_signed_messages = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_signed_messages; i++) { @@ -855,6 +861,9 @@ bool sbp_msg_ecdsa_signature_dep_b_decode_internal( return false; } } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_signed_messages = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_signed_messages; i++) { @@ -1014,6 +1023,9 @@ bool sbp_msg_ecdsa_signature_dep_a_decode_internal( return false; } } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_signed_messages = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_signed_messages; i++) { @@ -1145,6 +1157,9 @@ bool sbp_msg_ed25519_certificate_dep_decode_internal( return false; } } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_certificate_bytes = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_certificate_bytes; i++) { @@ -1262,6 +1277,9 @@ bool sbp_msg_ed25519_signature_dep_a_decode_internal( return false; } } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U32) != 0) { + return false; + } msg->n_signed_messages = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U32); for (uint8_t i = 0; i < msg->n_signed_messages; i++) { @@ -1394,6 +1412,9 @@ bool sbp_msg_ed25519_signature_dep_b_decode_internal( return false; } } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U32) != 0) { + return false; + } msg->n_signed_messages = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U32); for (uint8_t i = 0; i < msg->n_signed_messages; i++) { diff --git a/c/src/v4/solution_meta.c b/c/src/v4/solution_meta.c index 7cacd3199a..5f4b8b9df1 100644 --- a/c/src/v4/solution_meta.c +++ b/c/src/v4/solution_meta.c @@ -160,6 +160,10 @@ bool sbp_msg_soln_meta_dep_a_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u32_decode(ctx, &msg->last_used_gnss_vel_tow)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SOLUTION_INPUT_TYPE_ENCODED_LEN) != + 0) { + return false; + } msg->n_sol_in = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SOLUTION_INPUT_TYPE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sol_in; i++) { @@ -317,6 +321,10 @@ bool sbp_msg_soln_meta_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u32_decode(ctx, &msg->age_gnss)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SOLUTION_INPUT_TYPE_ENCODED_LEN) != + 0) { + return false; + } msg->n_sol_in = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SOLUTION_INPUT_TYPE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sol_in; i++) { diff --git a/c/src/v4/ssr.c b/c/src/v4/ssr.c index ef5981b878..0b34711bd6 100644 --- a/c/src/v4/ssr.c +++ b/c/src/v4/ssr.c @@ -1104,6 +1104,10 @@ bool sbp_msg_ssr_code_biases_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u8_decode(ctx, &msg->iod_ssr)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_CODE_BIASES_CONTENT_ENCODED_LEN) != + 0) { + return false; + } msg->n_biases = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_CODE_BIASES_CONTENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_biases; i++) { @@ -1254,6 +1258,10 @@ bool sbp_msg_ssr_phase_biases_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_s8_decode(ctx, &msg->yaw_rate)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_PHASE_BIASES_CONTENT_ENCODED_LEN) != + 0) { + return false; + } msg->n_biases = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_PHASE_BIASES_CONTENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_biases; i++) { @@ -1382,6 +1390,9 @@ bool sbp_msg_ssr_stec_correction_dep_decode_internal( if (!sbp_stec_header_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_SAT_ELEMENT_ENCODED_LEN) != 0) { + return false; + } msg->n_stec_sat_list = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_SAT_ELEMENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_stec_sat_list; i++) { @@ -1601,6 +1612,9 @@ bool sbp_msg_ssr_stec_correction_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_sats)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_SAT_ELEMENT_ENCODED_LEN) != 0) { + return false; + } msg->n_sats = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_SAT_ELEMENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sats; i++) { @@ -1728,6 +1742,9 @@ bool sbp_msg_ssr_gridded_correction_decode_internal( ctx, &msg->tropo_delay_correction)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_RESIDUAL_ENCODED_LEN) != 0) { + return false; + } msg->n_stec_residuals = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_RESIDUAL_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_stec_residuals; i++) { @@ -2006,6 +2023,10 @@ bool sbp_msg_ssr_gridded_correction_bounds_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_sats)) { return false; } + if (((ctx->buf_len - ctx->offset) % + SBP_STEC_SAT_ELEMENT_INTEGRITY_ENCODED_LEN) != 0) { + return false; + } msg->n_sats = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_SAT_ELEMENT_INTEGRITY_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sats; i++) { @@ -2805,6 +2826,9 @@ s8 sbp_msg_ssr_satellite_apc_dep_encode( bool sbp_msg_ssr_satellite_apc_dep_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_ssr_satellite_apc_dep_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_SATELLITE_APC_ENCODED_LEN) != 0) { + return false; + } msg->n_apc = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SATELLITE_APC_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_apc; i++) { @@ -2912,6 +2936,9 @@ bool sbp_msg_ssr_satellite_apc_decode_internal( if (!sbp_u8_decode(ctx, &msg->iod_ssr)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SATELLITE_APC_ENCODED_LEN) != 0) { + return false; + } msg->n_apc = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SATELLITE_APC_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_apc; i++) { @@ -3568,6 +3595,9 @@ bool sbp_msg_ssr_stec_correction_dep_a_decode_internal( if (!sbp_stec_header_dep_a_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_SAT_ELEMENT_ENCODED_LEN) != 0) { + return false; + } msg->n_stec_sat_list = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_SAT_ELEMENT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_stec_sat_list; i++) { @@ -3678,6 +3708,10 @@ bool sbp_msg_ssr_gridded_correction_no_std_dep_a_decode_internal( ctx, &msg->tropo_delay_correction)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_RESIDUAL_NO_STD_ENCODED_LEN) != + 0) { + return false; + } msg->n_stec_residuals = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_RESIDUAL_NO_STD_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_stec_residuals; i++) { @@ -3800,6 +3834,9 @@ bool sbp_msg_ssr_gridded_correction_dep_a_decode_internal( ctx, &msg->tropo_delay_correction)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STEC_RESIDUAL_ENCODED_LEN) != 0) { + return false; + } msg->n_stec_residuals = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STEC_RESIDUAL_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_stec_residuals; i++) { @@ -3905,6 +3942,9 @@ bool sbp_msg_ssr_grid_definition_dep_a_decode_internal( if (!sbp_grid_definition_header_dep_a_decode_internal(ctx, &msg->header)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_rle_list = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_rle_list; i++) { @@ -4163,6 +4203,9 @@ bool sbp_msg_ssr_orbit_clock_bounds_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_sats)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ORBIT_CLOCK_BOUND_ENCODED_LEN) != 0) { + return false; + } msg->n_sats = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ORBIT_CLOCK_BOUND_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sats; i++) { @@ -4408,6 +4451,10 @@ bool sbp_msg_ssr_code_phase_biases_bounds_decode_internal( if (!sbp_u8_decode(ctx, &msg->n_sats_signals)) { return false; } + if (((ctx->buf_len - ctx->offset) % + SBP_CODE_PHASE_BIASES_SAT_SIG_ENCODED_LEN) != 0) { + return false; + } msg->n_sats_signals = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_CODE_PHASE_BIASES_SAT_SIG_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sats_signals; i++) { diff --git a/c/src/v4/system.c b/c/src/v4/system.c index c007f3cd40..4a80719663 100644 --- a/c/src/v4/system.c +++ b/c/src/v4/system.c @@ -509,6 +509,9 @@ bool sbp_msg_status_report_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u32_decode(ctx, &msg->uptime)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_SUB_SYSTEM_REPORT_ENCODED_LEN) != 0) { + return false; + } msg->n_status = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_SUB_SYSTEM_REPORT_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_status; i++) { @@ -702,6 +705,10 @@ bool sbp_msg_status_journal_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u8_decode(ctx, &msg->sequence_descriptor)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_STATUS_JOURNAL_ITEM_ENCODED_LEN) != + 0) { + return false; + } msg->n_journal = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_STATUS_JOURNAL_ITEM_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_journal; i++) { @@ -1748,6 +1755,9 @@ bool sbp_msg_group_meta_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u8_decode(ctx, &msg->n_group_msgs)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U16) != 0) { + return false; + } msg->n_group_msgs = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U16); for (uint8_t i = 0; i < msg->n_group_msgs; i++) { diff --git a/c/src/v4/telemetry.c b/c/src/v4/telemetry.c index 6f48ba4156..7acb192e73 100644 --- a/c/src/v4/telemetry.c +++ b/c/src/v4/telemetry.c @@ -212,6 +212,9 @@ bool sbp_msg_tel_sv_decode_internal(sbp_decode_ctx_t *ctx, if (!sbp_u8_decode(ctx, &msg->origin_flags)) { return false; } + if (((ctx->buf_len - ctx->offset) % SBP_TELEMETRY_SV_ENCODED_LEN) != 0) { + return false; + } msg->n_sv_tel = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_TELEMETRY_SV_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_sv_tel; i++) { diff --git a/c/src/v4/tracking.c b/c/src/v4/tracking.c index df2822c079..deb8c042ab 100644 --- a/c/src/v4/tracking.c +++ b/c/src/v4/tracking.c @@ -712,6 +712,10 @@ s8 sbp_msg_tracking_state_encode(uint8_t *buf, uint8_t len, uint8_t *n_written, bool sbp_msg_tracking_state_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_tracking_state_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_TRACKING_CHANNEL_STATE_ENCODED_LEN) != + 0) { + return false; + } msg->n_states = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_TRACKING_CHANNEL_STATE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_states; i++) { @@ -862,6 +866,9 @@ s8 sbp_msg_measurement_state_encode(uint8_t *buf, uint8_t len, bool sbp_msg_measurement_state_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_measurement_state_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_MEASUREMENT_STATE_ENCODED_LEN) != 0) { + return false; + } msg->n_states = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_MEASUREMENT_STATE_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_states; i++) { @@ -1478,6 +1485,10 @@ s8 sbp_msg_tracking_state_dep_a_encode( bool sbp_msg_tracking_state_dep_a_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_tracking_state_dep_a_t *msg) { + if (((ctx->buf_len - ctx->offset) % + SBP_TRACKING_CHANNEL_STATE_DEP_A_ENCODED_LEN) != 0) { + return false; + } msg->n_states = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_TRACKING_CHANNEL_STATE_DEP_A_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_states; i++) { @@ -1644,6 +1655,10 @@ s8 sbp_msg_tracking_state_dep_b_encode( bool sbp_msg_tracking_state_dep_b_decode_internal( sbp_decode_ctx_t *ctx, sbp_msg_tracking_state_dep_b_t *msg) { + if (((ctx->buf_len - ctx->offset) % + SBP_TRACKING_CHANNEL_STATE_DEP_B_ENCODED_LEN) != 0) { + return false; + } msg->n_states = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_TRACKING_CHANNEL_STATE_DEP_B_ENCODED_LEN); for (uint8_t i = 0; i < msg->n_states; i++) { diff --git a/c/src/v4/user.c b/c/src/v4/user.c index a761167a12..b56f5e0677 100644 --- a/c/src/v4/user.c +++ b/c/src/v4/user.c @@ -43,6 +43,9 @@ s8 sbp_msg_user_data_encode(uint8_t *buf, uint8_t len, uint8_t *n_written, bool sbp_msg_user_data_decode_internal(sbp_decode_ctx_t *ctx, sbp_msg_user_data_t *msg) { + if (((ctx->buf_len - ctx->offset) % SBP_ENCODED_LEN_U8) != 0) { + return false; + } msg->n_contents = (uint8_t)((ctx->buf_len - ctx->offset) / SBP_ENCODED_LEN_U8); for (uint8_t i = 0; i < msg->n_contents; i++) { diff --git a/generator/sbpg/targets/resources/c/src/sbp_messages_template.c b/generator/sbpg/targets/resources/c/src/sbp_messages_template.c index 671261d912..4aa5e51c9c 100644 --- a/generator/sbpg/targets/resources/c/src/sbp_messages_template.c +++ b/generator/sbpg/targets/resources/c/src/sbp_messages_template.c @@ -218,6 +218,9 @@ bool (((m.internal_decode_fn)))(sbp_decode_ctx_t *ctx, (((m.type_name))) *msg) if (!(((f.decode_fn)))(ctx, &(((field)))[i])) { return false; } } ((*- elif f.packing == "variable-array" *)) + if ( ((ctx->buf_len - ctx->offset) % (((f.encoded_len_macro)))) != 0) { + return false; + } msg->(((f.size_fn))) = (uint8_t)((ctx->buf_len - ctx->offset) / (((f.encoded_len_macro)))); for (uint8_t i = 0; i < msg->(((f.size_fn))); i++) { if (!(((f.decode_fn)))(ctx, &(((field)))[i])) { return false; }