[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Commit-gnuradio] r10014 - openbts/branches/developers/dburgess00/trunk/
|
From: |
dburgess00 |
|
Subject: |
[Commit-gnuradio] r10014 - openbts/branches/developers/dburgess00/trunk/Transceiver |
|
Date: |
Tue, 18 Nov 2008 15:30:05 -0700 (MST) |
Author: dburgess00
Date: 2008-11-18 15:30:04 -0700 (Tue, 18 Nov 2008)
New Revision: 10014
Modified:
openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.cpp
openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.h
Log:
Added bounds-checking on memcpy operations to fix bug #319.
Modified:
openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.cpp
===================================================================
--- openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.cpp
2008-11-18 21:45:31 UTC (rev 10013)
+++ openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.cpp
2008-11-18 22:30:04 UTC (rev 10014)
@@ -236,7 +236,7 @@
m_uRx->write_aux_dac(1,0,(int) ceil(0.2*4096.0/3.3)); // set to maximum
gain
}
- currData = new short[curDataSize];
+ currData = new short[currDataSize];
currTimestamp = 0;
currLen = 0;
timestampOffset = 0;
@@ -350,7 +350,8 @@
COUT("Missing packet, compensating...")
currLen = pktTimestamp - currTimestamp;
}
- memcpy(currData+currLen*2,tmpBuf+2,payloadSz);
+ // currLen counts complex short samples. currData is *short, tmpBuf is
*unint_32.
+ if ((currLen*2+payloadSz)<=currDataSize)
memcpy(currData+currLen*2,tmpBuf+2,payloadSz);
currLen += (payloadSz/2/sizeof(short));
}
if (currTimestamp + currLen > timestamp + len) break;
@@ -368,7 +369,8 @@
// remove copied data from out local buffer
currTimestamp = timestamp + len;
- memcpy(currData,newDataPtr,sizeof(short)*(currLen*2 -
(newDataPtr-currData)));
+ unsigned copySize = sizeof(short)*(currLen*2 - (newDataPtr-currData));
+ if (copySize<currDataSize) memcpy(currData,newDataPtr,copySize);
currLen -= (newDataPtr-currData)/2;
return len;
Modified: openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.h
===================================================================
--- openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.h
2008-11-18 21:45:31 UTC (rev 10013)
+++ openbts/branches/developers/dburgess00/trunk/Transceiver/USRPDevice.h
2008-11-18 22:30:04 UTC (rev 10014)
@@ -51,7 +51,7 @@
bool started; ///< flag indicates USRP has started
bool skipRx; ///< set if USRP is transmit-only.
- static const short curDataSize = 200000;
+ static const unsigned currDataSize = 200000;
short *currData; ///< internal data buffer when reading from USRP
TIMESTAMP currTimestamp; ///< timestamp of internal data buffer
unsigned currLen; ///< size of internal data buffer
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Commit-gnuradio] r10014 - openbts/branches/developers/dburgess00/trunk/Transceiver,
dburgess00 <=