Commit 69a2cf74 authored by Jean-Paul Saman's avatar Jean-Paul Saman

ATSC descriptors: cleanup and review

- remove excess parenthesis
- add boundary checks
- explicite allocation of struct members
  requires explicite release of struct members when freeing
parent 1c5423a0
...@@ -43,35 +43,33 @@ dvbpsi_carousel_id_dr_t *dvbpsi_DecodeCarouselIdDr(dvbpsi_descriptor_t *p_descri ...@@ -43,35 +43,33 @@ dvbpsi_carousel_id_dr_t *dvbpsi_DecodeCarouselIdDr(dvbpsi_descriptor_t *p_descri
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x13) if (p_descriptor->i_tag != 0x13)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check length */ /* Check length */
if (p_descriptor->i_length < 4) if (p_descriptor->i_length < 4)
{
return NULL; return NULL;
}
p_decoded = (dvbpsi_carousel_id_dr_t*)malloc(sizeof(dvbpsi_carousel_id_dr_t) + p_descriptor->i_length - 4); p_decoded = (dvbpsi_carousel_id_dr_t*)malloc(sizeof(dvbpsi_carousel_id_dr_t));
if (!p_decoded) if (!p_decoded)
return NULL;
p_decoded->p_private_data = malloc(p_descriptor->i_length - 4);
if (!p_decoded->s_private_data)
{ {
free(p_decoded);
return NULL; return NULL;
} }
p_decoded->i_private_data_len = p_descriptor->i_length - 4;
p_decoded->i_carousel_id = ((p_descriptor->p_data[0] & 0xff) << 24) | ((p_descriptor->p_data[1] & 0xff) << 16)|
((p_descriptor->p_data[2] & 0xff) << 8) | (p_descriptor->p_data[3] & 0xff);
p_decoded->i_carousel_id= ((p_descriptor->p_data[0] & 0xff) << 24) | ((p_descriptor->p_data[1] & 0xff) << 16)| memcpy(p_decoded->p_private_data, &p_descriptor->p_data[4], p_decoded->i_private_data_len);
((p_descriptor->p_data[2] & 0xff) << 8) | (p_descriptor->p_data[3] & 0xff);
p_decoded->i_private_data_len= p_descriptor->i_length - 4;
memcpy(p_decoded->s_private_data, &p_descriptor->p_data[4], p_decoded->i_private_data_len);
p_descriptor->p_decoded = (void*)p_decoded; p_descriptor->p_decoded = (void*)p_decoded;
return p_decoded; return p_decoded;
} }
...@@ -39,8 +39,8 @@ Decode Carousel id Descriptor. ...@@ -39,8 +39,8 @@ Decode Carousel id Descriptor.
typedef struct dvbpsi_carousel_id_dr_s typedef struct dvbpsi_carousel_id_dr_s
{ {
uint32_t i_carousel_id; uint32_t i_carousel_id;
uint8_t i_private_data_len; uint8_t i_private_data_len;
uint8_t s_private_data[0]; uint8_t *p_private_data; /*< allocated memory must be released */
}dvbpsi_carousel_id_dr_t; }dvbpsi_carousel_id_dr_t;
/***************************************************************************** /*****************************************************************************
......
...@@ -45,34 +45,39 @@ dvbpsi_association_tag_dr_t *dvbpsi_DecodeAssociationTagDr(dvbpsi_descriptor_t * ...@@ -45,34 +45,39 @@ dvbpsi_association_tag_dr_t *dvbpsi_DecodeAssociationTagDr(dvbpsi_descriptor_t *
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x14) if (p_descriptor->i_tag != 0x14)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check length */ /* Check length */
if (p_descriptor->i_length < 5) if (p_descriptor->i_length < 5)
{
return NULL; return NULL;
}
selector_len = p_descriptor->p_data[4]; selector_len = p_descriptor->p_data[4];
/* Invalid selector length */ /* Invalid selector length */
if (selector_len + 5 > p_descriptor->i_length) if (selector_len + 5 > p_descriptor->i_length)
{
return NULL; return NULL;
}
private_data_len= p_descriptor->i_length - (5 + selector_len); private_data_len= p_descriptor->i_length - (5 + selector_len);
p_decoded = (dvbpsi_association_tag_dr_t*)malloc(sizeof(dvbpsi_association_tag_dr_t) + selector_len + private_data_len); p_decoded = (dvbpsi_association_tag_dr_t*)malloc(sizeof(dvbpsi_association_tag_dr_t));
if (!p_decoded) if (!p_decoded)
return NULL;
p_decoded->p_selector = malloc(selector_len);
if (!p_decoded->p_selector)
{
free(p_decoder);
return NULL;
}
p_decoded->p_private_data = malloc(private_data_len);
if (!p_decoded->p_private_data)
{ {
free(p_decoded->p_selector);
free(p_decoder);
return NULL; return NULL;
} }
...@@ -82,12 +87,10 @@ dvbpsi_association_tag_dr_t *dvbpsi_DecodeAssociationTagDr(dvbpsi_descriptor_t * ...@@ -82,12 +87,10 @@ dvbpsi_association_tag_dr_t *dvbpsi_DecodeAssociationTagDr(dvbpsi_descriptor_t *
p_decoded->i_private_data_len= private_data_len; p_decoded->i_private_data_len= private_data_len;
p_decoded->p_selector = ((void*)p_decoded) + sizeof(dvbpsi_association_tag_dr_t); p_decoded->p_selector = ((void*)p_decoded) + sizeof(dvbpsi_association_tag_dr_t);
p_decoded->p_private_data = p_decoded->p_selector + selector_len; p_decoded->p_private_data = p_decoded->p_selector + selector_len;
memcpy(p_decoded->p_selector, &p_descriptor->p_data[5 ], selector_len); memcpy(p_decoded->p_selector, &p_descriptor->p_data[5], selector_len);
memcpy(p_decoded->p_private_data, &p_descriptor->p_data[5 + selector_len], private_data_len); memcpy(p_decoded->p_private_data, &p_descriptor->p_data[5 + selector_len], private_data_len);
p_descriptor->p_decoded = (void*)p_decoded; p_descriptor->p_decoded = (void*)p_decoded;
return p_decoded; return p_decoded;
} }
...@@ -40,12 +40,11 @@ typedef struct dvbpsi_association_tag_dr_s ...@@ -40,12 +40,11 @@ typedef struct dvbpsi_association_tag_dr_s
{ {
uint16_t i_tag; uint16_t i_tag;
uint16_t i_use; uint16_t i_use;
uint8_t i_selector_len; uint8_t i_selector_len;
uint8_t *p_selector; uint8_t *p_selector;
uint8_t i_private_data_len; uint8_t i_private_data_len;
uint8_t *p_private_data; uint8_t *p_private_data; /*< release allocated memory */
} dvbpsi_association_tag_dr_t;
}dvbpsi_association_tag_dr_t;
/***************************************************************************** /*****************************************************************************
* dvbpsi_DecodeAssociationTagDr * dvbpsi_DecodeAssociationTagDr
......
...@@ -43,29 +43,23 @@ dvbpsi_frequency_list_dr_t *dvbpsi_DecodeFrequencyListDr(dvbpsi_descriptor_t *p_ ...@@ -43,29 +43,23 @@ dvbpsi_frequency_list_dr_t *dvbpsi_DecodeFrequencyListDr(dvbpsi_descriptor_t *p_
int i; int i;
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x62) if (p_descriptor->i_tag != 0x62)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check length */ /* Check length */
if ((p_descriptor->i_length - 1) % 4) if ((p_descriptor->i_length - 1) % 4)
{
return NULL; return NULL;
}
p_decoded = (dvbpsi_frequency_list_dr_t*)malloc(sizeof(dvbpsi_frequency_list_dr_t)); p_decoded = (dvbpsi_frequency_list_dr_t*)malloc(sizeof(dvbpsi_frequency_list_dr_t));
if (!p_decoded) if (!p_decoded)
{
return NULL; return NULL;
}
p_decoded->i_number_of_frequencies = (p_descriptor->i_length - 1) / 4; p_decoded->i_number_of_frequencies = (p_descriptor->i_length - 1) / 4;
if (p_decoded->i_number_of_frequencies > ARRAY_SIZE(p_decoded->p_center_frequencies))
p_decoded->i_number_of_frequencies = ARRAY_SIZE(p_decoded->p_center_frequencies);
p_decoded->i_coding_type = p_descriptor->p_data[0] & 0x3; p_decoded->i_coding_type = p_descriptor->p_data[0] & 0x3;
......
...@@ -43,33 +43,30 @@ dvbpsi_data_broadcast_id_dr_t *dvbpsi_DecodeDataBroadcastIdDr(dvbpsi_descriptor_ ...@@ -43,33 +43,30 @@ dvbpsi_data_broadcast_id_dr_t *dvbpsi_DecodeDataBroadcastIdDr(dvbpsi_descriptor_
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x66) if (p_descriptor->i_tag != 0x66)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check length */ /* Check length */
if (p_descriptor->i_length < 2) if (p_descriptor->i_length < 2)
{
return NULL; return NULL;
}
p_decoded = (dvbpsi_data_broadcast_id_dr_t*)malloc(sizeof(dvbpsi_data_broadcast_id_dr_t) + p_descriptor->i_length - 2); p_decoded = (dvbpsi_data_broadcast_id_dr_t*)malloc(sizeof(dvbpsi_data_broadcast_id_dr_t));
if (!p_decoded) if (!p_decoded)
return NULL;
p_decoded->p_id_selector = malloc(p_descriptor->i_length - 2);
if (!p_decoded->p_id_selector)
{ {
free(p_decoded);
return NULL; return NULL;
} }
p_decoded->i_data_broadcast_id = ((p_descriptor->p_data[0] & 0xff) << 8) | (p_descriptor->p_data[1] & 0xff); p_decoded->i_data_broadcast_id = ((p_descriptor->p_data[0] & 0xff) << 8) | (p_descriptor->p_data[1] & 0xff);
p_decoded->i_id_selector_len = p_descriptor->i_length - 2; p_decoded->i_id_selector_len = p_descriptor->i_length - 2;
memcpy(p_decoded->s_id_selector, &p_descriptor->p_data[2], p_decoded->i_id_selector_len); memcpy(p_decoded->p_id_selector, &p_descriptor->p_data[2], p_decoded->i_id_selector_len);
p_descriptor->p_decoded = (void*)p_decoded; p_descriptor->p_decoded = (void*)p_decoded;
return p_decoded; return p_decoded;
} }
...@@ -39,8 +39,8 @@ Decode Data Broadcast id Descriptor. ...@@ -39,8 +39,8 @@ Decode Data Broadcast id Descriptor.
typedef struct dvbpsi_data_broadcast_id_dr_s typedef struct dvbpsi_data_broadcast_id_dr_s
{ {
uint16_t i_data_broadcast_id; uint16_t i_data_broadcast_id;
uint8_t i_id_selector_len; uint8_t i_id_selector_len;
uint8_t s_id_selector[0]; uint8_t *p_id_selector; /*< release allocated memory */
}dvbpsi_data_broadcast_id_dr_t; }dvbpsi_data_broadcast_id_dr_t;
/***************************************************************************** /*****************************************************************************
......
...@@ -42,21 +42,19 @@ dvbpsi_default_authority_dr_t *dvbpsi_DecodeDefaultAuthorityDr(dvbpsi_descriptor ...@@ -42,21 +42,19 @@ dvbpsi_default_authority_dr_t *dvbpsi_DecodeDefaultAuthorityDr(dvbpsi_descriptor
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x73) if (p_descriptor->i_tag != 0x73)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
p_decoded = (dvbpsi_default_authority_dr_t*)malloc(sizeof(dvbpsi_default_authority_dr_t)); p_decoded = (dvbpsi_default_authority_dr_t*)malloc(sizeof(dvbpsi_default_authority_dr_t));
if (!p_decoded) if (!p_decoded)
{
return NULL; return NULL;
}
if (p_descriptor->i_length > 255)
p_descriptor->i_length = 255;
memcpy(&p_decoded->authority, p_descriptor->p_data, p_descriptor->i_length); memcpy(&p_decoded->authority, p_descriptor->p_data, p_descriptor->i_length);
p_decoded->authority[p_descriptor->i_length] = 0; p_decoded->authority[p_descriptor->i_length] = 0;
...@@ -64,5 +62,3 @@ dvbpsi_default_authority_dr_t *dvbpsi_DecodeDefaultAuthorityDr(dvbpsi_descriptor ...@@ -64,5 +62,3 @@ dvbpsi_default_authority_dr_t *dvbpsi_DecodeDefaultAuthorityDr(dvbpsi_descriptor
return p_decoded; return p_decoded;
} }
...@@ -40,23 +40,22 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript ...@@ -40,23 +40,22 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript
{ {
dvbpsi_content_id_dr_t *p_decoded; dvbpsi_content_id_dr_t *p_decoded;
int byte; int byte;
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x76) if (p_descriptor->i_tag != 0x76)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check boundaries */
if (p_descriptor->i_length > ARRAY_SIZE(p_decoded->p_entries))
p_descriptor->i_length = ARRAY_SIZE(p_decoded->p_entries);
p_decoded = (dvbpsi_content_id_dr_t*)malloc(sizeof(dvbpsi_content_id_dr_t)); p_decoded = (dvbpsi_content_id_dr_t*)malloc(sizeof(dvbpsi_content_id_dr_t));
if (!p_decoded) if (!p_decoded)
{
return NULL; return NULL;
}
p_decoded->i_number_of_entries = 0; p_decoded->i_number_of_entries = 0;
for (byte = 0; byte < p_descriptor->i_length; p_decoded->i_number_of_entries ++) for (byte = 0; byte < p_descriptor->i_length; p_decoded->i_number_of_entries ++)
...@@ -70,6 +69,9 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript ...@@ -70,6 +69,9 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript
if (entry->i_location == CRID_LOCATION_DESCRIPTOR) if (entry->i_location == CRID_LOCATION_DESCRIPTOR)
{ {
uint8_t len = p_descriptor->p_data[byte]; uint8_t len = p_descriptor->p_data[byte];
if (len > 253)
len = 253;
unsigned int i; unsigned int i;
byte ++; byte ++;
for (i = 0; i < len; i ++) for (i = 0; i < len; i ++)
...@@ -91,11 +93,9 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript ...@@ -91,11 +93,9 @@ dvbpsi_content_id_dr_t *dvbpsi_DecodeContentIdDr(dvbpsi_descriptor_t *p_descript
free(p_decoded); free(p_decoded);
return NULL; return NULL;
} }
} }
p_descriptor->p_decoded = (void*)p_decoded; p_descriptor->p_decoded = (void*)p_decoded;
return p_decoded; return p_decoded;
} }
...@@ -40,31 +40,26 @@ dvbpsi_lcn_dr_t *dvbpsi_DecodeLCNDr(dvbpsi_descriptor_t *p_descriptor) ...@@ -40,31 +40,26 @@ dvbpsi_lcn_dr_t *dvbpsi_DecodeLCNDr(dvbpsi_descriptor_t *p_descriptor)
{ {
dvbpsi_lcn_dr_t *p_decoded; dvbpsi_lcn_dr_t *p_decoded;
int i; int i;
/* Check the tag */ /* Check the tag */
if (p_descriptor->i_tag != 0x83) if (p_descriptor->i_tag != 0x83)
{
return NULL; return NULL;
}
/* Don't decode twice */ /* Don't decode twice */
if (p_descriptor->p_decoded) if (p_descriptor->p_decoded)
{
return p_descriptor->p_decoded; return p_descriptor->p_decoded;
}
/* Check length */ /* Check length */
if (p_descriptor->i_length % 4) if (p_descriptor->i_length % 4)
{
return NULL; return NULL;
}
p_decoded = (dvbpsi_lcn_dr_t*)malloc(sizeof(dvbpsi_lcn_dr_t)); p_decoded = (dvbpsi_lcn_dr_t*)malloc(sizeof(dvbpsi_lcn_dr_t));
if (!p_decoded) if (!p_decoded)
{
return NULL; return NULL;
}
p_decoded->i_number_of_entries = p_descriptor->i_length / 4; p_decoded->i_number_of_entries = p_descriptor->i_length / 4;
if (p_decoded->i_number_of_entries > ARRAY_SIZE(p_decoded->p_entries))
p_decoded->i_number_of_entries = ARRAY_SIZE(p_decoded->p_entries);
for (i = 0; i < p_decoded->i_number_of_entries; i ++) for (i = 0; i < p_decoded->i_number_of_entries; i ++)
{ {
......
...@@ -65,7 +65,7 @@ typedef struct dvbpsi_lcn_dr_s ...@@ -65,7 +65,7 @@ typedef struct dvbpsi_lcn_dr_s
{ {
uint8_t i_number_of_entries; /*!< Number of LCN entries present. */ uint8_t i_number_of_entries; /*!< Number of LCN entries present. */
dvbpsi_lcn_entry_t p_entries[64];/*!< Array of LCN entries. */ dvbpsi_lcn_entry_t p_entries[64];/*!< Array of LCN entries. */
}dvbpsi_lcn_dr_t; } dvbpsi_lcn_dr_t;
/***************************************************************************** /*****************************************************************************
* dvbpsi_DecodeLCNDr * dvbpsi_DecodeLCNDr
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment