From 75762e5f16bf80c853ecda4fd57a16adcaa22926 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Salvador=20Cu=C3=B1at?=
Date: Sun, 7 May 2017 14:26:56 +0200
Subject: [PATCH] Datatrak import rework: Add another memory size ckeck
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
As a last minute addition, and for peace of mind and soul, add just another size check, to run before reading values from buffer.
Signed-off-by: Salvador Cuñat
---
 core/datatrak.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/core/datatrak.h b/core/datatrak.h
index 7f79237ef..7aea1741f 100644
--- a/core/datatrak.h
+++ b/core/datatrak.h
@@ -44,22 +44,26 @@ static const struct models_table_t g_models[] = {
 extern struct sample *add_sample(struct sample *sample, int time, struct divecomputer *dc);
 #define JUMP(_ptr, _n) if ((long) (_ptr += _n) > maxbuf) goto bail
-
+#define CHECK(_ptr, _n) if ((long) _ptr + _n > maxbuf) goto bail
 #define read_bytes(_n) \
 switch (_n) { \
 case 1: \
+ CHECK(membuf, _n); \
 tmp_1byte = membuf[0]; \
 break; \
 case 2: \
+ CHECK(membuf, _n); \
 tmp_2bytes = two_bytes_to_int (membuf[1], membuf[0]); \
 break; \
 default: \
+ CHECK(membuf, _n); \
 tmp_4bytes = four_bytes_to_long(membuf[3], membuf[2], membuf[1], membuf[0]); \
 break; \
 } \
 JUMP(membuf, _n);
 #define read_string(_property) \
+ CHECK(membuf, tmp_1byte); \
 unsigned char *_property##tmp = (unsigned char *)calloc(tmp_1byte + 1, 1); \
 _property##tmp = memcpy(_property##tmp, membuf, tmp_1byte);\
 _property = (unsigned char *)strcat(to_utf8(_property##tmp), ""); \
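Review bot: The new `CHECK` macro does its bounds comparison on a pointer cast to `long`, as the existing `JUMP` does, and on LLP64 targets such as 64-bit Windows that cast truncates the address, so the guard before the buffer reads is not reliable there. It is also a bare `if` with unparenthesized arguments, which invites dangling-else and precedence surprises at future call sites. Assuming `maxbuf` holds the end address of the buffer (its declaration is outside the hunk), I would write it as `#define CHECK(_ptr, _n) do { if ((uintptr_t)(_ptr) + (uintptr_t)(_n) > (uintptr_t)maxbuf) goto bail; } while (0)` and document that it must run before any `membuf[...]` access. In `read_bytes`, the `default:` branch reads `membuf[3]` but checks only `_n` bytes, so a caller passing 3 would read one byte past what was checked; `CHECK(membuf, 4);` in that branch matches the actual read. `read_string` continues past the end of the hunk, so the rest of its body is not reviewed here.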