digidotcom / xbee_ansic_library

A collection of portable ANSI C code for communicating with Digi International's XBee wireless radio modules in API mode.

tail overflow in function xbee_cbuf_put #24

Closed yuanye0814 closed 4 years ago

yuanye0814 commented 4 years ago

When length equals end_space, the tail value may overflow: `cbuf->tail = cbuf->tail + length;`

such as, when `cbuf->mask = 255; cbuf->tail = 255; length = 1;`

after calculation: `cbuf->tail = 256`.

tomlogic commented 4 years ago

Ah, good catch! Looks like it should be `if (length >= end_space)`. We need to get a test in `test/xbee/t_cbuf.c` to trigger that.
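To make the report and the proposed `>=` fix concrete, here is an added example; it is not the library's code. It is a constructed, stripped-down circular buffer in the same style (power-of-two capacity, `mask = capacity - 1`, `head` where bytes are removed, `tail` where bytes are added) with the comparison selectable, so both variants can be run on the exact values from the report (mask 255, tail 255, length 1). The struct layout, the one-slot-free rule, and the helper names `cbuf_put`, `cbuf_get` and `tail_after_report_scenario` are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the buffer (an assumption, not the library's struct):
 * capacity is a power of two, mask = capacity - 1, one slot is kept free so
 * that head == tail always means "empty". */
#define CBUF_CAP 256u

typedef struct {
    unsigned int mask;
    unsigned int head;
    unsigned int tail;
    uint8_t data[CBUF_CAP];
} cbuf_t;

static void cbuf_init(cbuf_t *c)
{
    memset(c, 0, sizeof *c);
    c->mask = CBUF_CAP - 1;
}

static unsigned int cbuf_used(const cbuf_t *c)
{
    return (c->tail - c->head) & c->mask;
}

/* Copy up to `length` bytes in. `fixed` selects `>=` (the proposed fix) or
 * `>` (the comparison the report describes). Returns bytes stored. */
static unsigned int cbuf_put(cbuf_t *c, const void *buffer, unsigned int length, bool fixed)
{
    const uint8_t *src = buffer;
    unsigned int free_bytes = c->mask - cbuf_used(c);
    unsigned int end_space;

    if (length > free_bytes) {
        length = free_bytes;
    }
    /* bytes between tail and the physical end of data[] */
    end_space = c->mask + 1 - c->tail;

    if (fixed ? (length >= end_space) : (length > end_space)) {
        /* two-part copy: fill to the end of data[], remainder from index 0 */
        memcpy(&c->data[c->tail], src, end_space);
        memcpy(&c->data[0], src + end_space, length - end_space);
        c->tail = length - end_space;
    } else {
        memcpy(&c->data[c->tail], src, length);
        /* with `>`, length == end_space lands here and tail becomes mask + 1 */
        c->tail = c->tail + length;
    }
    return length;
}

static unsigned int cbuf_get(cbuf_t *c, void *dst, unsigned int length)
{
    uint8_t *out = dst;
    unsigned int used = cbuf_used(c);
    unsigned int i;

    if (length > used) {
        length = used;
    }
    for (i = 0; i < length; i++) {
        out[i] = c->data[c->head];
        c->head = (c->head + 1) & c->mask;
    }
    return length;
}

/* Reproduce the report: move head and tail to 255, then put one byte so
 * that length == end_space == 1. Returns the tail index afterwards. */
static unsigned int tail_after_report_scenario(bool fixed)
{
    cbuf_t c;
    uint8_t fill[CBUF_CAP - 1];     /* constructed sample data */
    uint8_t scratch[CBUF_CAP - 1];
    uint8_t one = 0xAA;

    cbuf_init(&c);
    memset(fill, 0x11, sizeof fill);
    cbuf_put(&c, fill, (unsigned int)sizeof fill, fixed);  /* tail = 255, head = 0 */
    cbuf_get(&c, scratch, (unsigned int)sizeof scratch);   /* head = 255, buffer empty */
    cbuf_put(&c, &one, 1, fixed);                          /* the case from the report */
    return c.tail;
}

int main(void)
{
    printf("tail with '>'  : %u (mask is %u)\n", tail_after_report_scenario(false), CBUF_CAP - 1);
    printf("tail with '>=' : %u\n", tail_after_report_scenario(true));
    return 0;
}
```

With `>` the direct-copy branch runs for `length == end_space` and leaves `tail` at 256, one past the last valid index, so any later code that uses `tail` as a raw index into `data[]` addresses `data[256]`; with `>=` the wrapping branch runs, copies the byte into `data[255]`, and sets `tail` to 0. Note that `cbuf_used()` masks the difference, so a put/get round trip still reports the right byte count after the bad put; a regression test in `t_cbuf.c` needs to assert on `tail` itself (or on the index of the next write) to catch this case.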

tomlogic commented 4 years ago

Thanks for reporting this, @yuanye0814.

acpie360 commented 3 years ago

Instead of using memcpy for the put operation, would it be easier to simply call `xbee_cbuf_putch()`?

```c
unsigned int xbee_cbuf_put(xbee_cbuf_t FAR *cbuf, const void FAR *buffer,
                           unsigned int length)
{
    int res;
    unsigned int i;
    const uint8_t *data;

    data = buffer;

    for (i = 0; i < length; i++)
    {
        // xbee_cbuf_putch() returns 0 when the buffer is full
        res = xbee_cbuf_putch(cbuf, data[i]);
        if (res == 0)
        {
            break;
        }
    }

    // number of bytes actually stored
    return i;
}
```

tomlogic commented 3 years ago

Although easier and would have avoided this bug, it would be far less efficient to call xbee_cbuf_putch() for each character.