From 864fe60918922657f1bbcb30acd1f9a6a0103389 Mon Sep 17 00:00:00 2001 From: wangbaidong Date: Fri, 22 Aug 2025 16:44:36 +0800 Subject: [PATCH 1/2] 0822 Signed-off-by: wangbaidong --- common/src/ipc/standard/ipc_model_codec.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/common/src/ipc/standard/ipc_model_codec.cpp b/common/src/ipc/standard/ipc_model_codec.cpp index 63c05ae86..f09b0dbcf 100644 --- a/common/src/ipc/standard/ipc_model_codec.cpp +++ b/common/src/ipc/standard/ipc_model_codec.cpp @@ -35,21 +35,32 @@ constexpr uint32_t IPC_VECTOR_MAX_SIZE = 1000; } \ } while (0) +#define CHECK_CPY_SIZE_RETURN(destSize, srcSize) \ + do { \ + if (destSize <= srcSize) { \ + LOGE("params size invalid"); \ + return; \ + } \ + } while (0) + //LCOV_EXCL_START void IpcModelCodec::DecodeDmDeviceBasicInfo(MessageParcel &parcel, DmDeviceBasicInfo &devInfo) { std::string deviceIdStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_ID_LEN, deviceIdStr.size()); if (strcpy_s(devInfo.deviceId, deviceIdStr.size() + 1, deviceIdStr.c_str()) != DM_OK) { LOGE("strcpy_s deviceId failed!"); return; } std::string deviceNameStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_NAME_LEN, deviceNameStr.size()); if (strcpy_s(devInfo.deviceName, deviceNameStr.size() + 1, deviceNameStr.c_str()) != DM_OK) { LOGE("strcpy_s deviceName failed!"); return; } devInfo.deviceTypeId = parcel.ReadUint16(); std::string networkIdStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_ID_LEN, networkIdStr.size()); if (strcpy_s(devInfo.networkId, networkIdStr.size() + 1, networkIdStr.c_str()) != DM_OK) { LOGE("strcpy_s networkId failed!"); return; @@ -338,17 +349,20 @@ bool IpcModelCodec::EncodeDmDeviceIconInfoFilterOptions(const DmDeviceIconInfoFi void IpcModelCodec::DecodeDmDeviceInfo(MessageParcel &parcel, DmDeviceInfo &devInfo) { std::string deviceIdStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_ID_LEN, deviceIdStr.size()); if (strcpy_s(devInfo.deviceId, deviceIdStr.size() + 1, deviceIdStr.c_str()) != DM_OK) { LOGE("strcpy_s deviceId failed!"); return; } std::string deviceNameStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_NAME_LEN, deviceNameStr.size()); if (strcpy_s(devInfo.deviceName, deviceNameStr.size() + 1, deviceNameStr.c_str()) != DM_OK) { LOGE("strcpy_s deviceName failed!"); return; } devInfo.deviceTypeId = parcel.ReadUint16(); std::string networkIdStr = parcel.ReadString(); + CHECK_CPY_SIZE_RETURN(DM_MAX_DEVICE_ID_LEN, networkIdStr.size()); if (strcpy_s(devInfo.networkId, networkIdStr.size() + 1, networkIdStr.c_str()) != DM_OK) { LOGE("strcpy_s networkId failed!"); return; -- Gitee From 383f7340d4a2dd47f0823dd511aa171d3ab06ced Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=8E=8B=E6=9F=8F=E6=A0=8B?= Date: Fri, 22 Aug 2025 08:54:17 +0000 Subject: [PATCH 2/2] update common/src/ipc/standard/ipc_model_codec.cpp. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 王柏栋 --- common/src/ipc/standard/ipc_model_codec.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/src/ipc/standard/ipc_model_codec.cpp b/common/src/ipc/standard/ipc_model_codec.cpp index f09b0dbcf..2e336c5fd 100644 --- a/common/src/ipc/standard/ipc_model_codec.cpp +++ b/common/src/ipc/standard/ipc_model_codec.cpp @@ -37,7 +37,7 @@ constexpr uint32_t IPC_VECTOR_MAX_SIZE = 1000; #define CHECK_CPY_SIZE_RETURN(destSize, srcSize) \ do { \ - if (destSize <= srcSize) { \ + if ((destSize) <= (srcSize)) { \ LOGE("params size invalid"); \ return; \ } \ -- Gitee