Possible bug in LWIP version of wiced_packet_get_data


Anonymous
[SDK-2.3.1]

There seems to be a bug in wiced_packet_get_data, where data_length is assigned the length of the entire packet's netbuf, rather than the individual contiguous pbuf:

*data_length = packet->p->tot_len;

...

*data_length = (uint16_t)(*data_length - offset);

E.g., if I have a netbuf of 2 pbufs of 5 bytes, and read at offset 0:

data_length = 10

available_length = 10

data = ... pbuf (5 bytes)

So I will read past the end of data if I try to read more than 5 bytes.

I think the initial value should be the length of the current pbuf:

*data_length = packet->p->len;

...

*data_length = (uint16_t)(*data_length - offset);

So the same read at 0 would be:

data_length = 5

available_length = 10

data = ... pbuf (5 bytes)

0 Likes
5 Replies
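Added example, not part of the original post and not WICED SDK or lwIP code: a small model of the post's two-pbuf netbuf showing an accessor that reports the contiguous length separately from the total, and a caller that copies a chained packet without reading past a segment. `struct pbuf_model`, `get_data` and `copy_all` are hypothetical names; only the field names `next`, `payload`, `tot_len` and `len` mirror lwIP's `struct pbuf`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in carrying the lwIP pbuf fields the post refers to (not the lwIP header). */
struct pbuf_model {
    struct pbuf_model *next;
    uint8_t *payload;
    uint16_t tot_len;   /* this segment plus every following segment */
    uint16_t len;       /* this segment only */
};

/* Hypothetical accessor following the post's proposal:
 * *contig is what may be read from *data, *available is what remains in the chain. */
static int get_data(struct pbuf_model *p, uint16_t offset, uint8_t **data,
                    uint16_t *contig, uint16_t *available)
{
    if (p == NULL || offset >= p->tot_len) return -1;
    *available = (uint16_t)(p->tot_len - offset);
    while (offset >= p->len) {            /* skip whole segments before the offset */
        offset = (uint16_t)(offset - p->len);
        p = p->next;
        if (p == NULL) return -1;         /* malformed chain: tot_len overstated */
    }
    *data = p->payload + offset;
    *contig = (uint16_t)(p->len - offset);
    return 0;
}

/* Copy up to cap bytes, one contiguous run at a time, never past a segment end. */
static size_t copy_all(struct pbuf_model *p, uint8_t *out, size_t cap)
{
    size_t done = 0;
    uint8_t *d;
    uint16_t contig, avail;
    while (done < cap && done <= UINT16_MAX &&
           get_data(p, (uint16_t)done, &d, &contig, &avail) == 0) {
        size_t n = contig < cap - done ? contig : cap - done;
        memcpy(out + done, d, n);
        done += n;
    }
    return done;
}

/* Constructed sample: the post's netbuf of two 5-byte pbufs. */
static uint8_t seg_a[5] = { 'h', 'e', 'l', 'l', 'o' };
static uint8_t seg_b[5] = { 'w', 'o', 'r', 'l', 'd' };
static struct pbuf_model tail = { NULL, seg_b, 5, 5 };
static struct pbuf_model head = { &tail, seg_a, 10, 5 };
```

A caller that sized its `memcpy` by the total length instead of the contiguous length would read 5 bytes beyond `seg_a` on the first call.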