Closed dlkeng closed 2 years ago
Thanks for the code review. Yeah this all looks about right.
I'll correct these issues and make the new firmware available as soon as I can.
v11 addresses all of these issues to my satisfaction. Please feel free to check it out,
Please also keep in mind that the current firmware now compiles to 8094 bytes and the target uC only has 8192 bytes of progmem. While some features/fixes may not be robust, trade-offs have to be made. I believe (with the addition of i2c address validation) that any wayward register writes could now, in the worst case, be corrected by power cycling the device, which may not be a high bar to clear, but thanks to your testing we now clear it.
In reviewing and testing the "Qwiic_Fan_Controller.ino" firmware, I have observed and run into the following bugs:
updateSettings()
: line 266: What ifregisterMap[WIRE_ADDR]
is an invalid I2C address? ThereceiveEvent()
allows any value to be written to any register!requestEvent()
: line 388:requestEvent()
always writes 17 bytes. What ifregisterIndex
is greater than zero? It will then return bytes beyond the end ofregisterMap[]
! (not fatal, but not good!)receiveEvent()
: line 435:receivedCommands[0]
is an invalid register address? It will then allow bytes to be written beyond the end ofregisterMap[]
!bytesReceived
is greater thanMAX_SENT_BYTES
? It will then allow whatever is in the memory beyond the end ofreceivedCommands[]
to be written toregisterMap[]
!registerMap[]
? For example, assumereceivedCommands[0]
isTRIMMER_DISABLE
and multiple bytes were sent. Any received bytes after the first one would be written to memory beyond the end ofregisterMap[]
!In summary, the
receiveEvent()
callback function has some serious memory integrity issues!