From 82f967ddb37022a69be2de3f38ac445093c0d6df Mon Sep 17 00:00:00 2001
From: Berthold Stoeger
Date: Sun, 18 Jul 2021 12:51:47 +0200
Subject: core: sanitize pressure-sensor cylinder ids in fixup_dive()

The code will happily perform out-of-bound accesses if pressure-sensors refer to non-existing cylinders. Therefore, sanitize these values in fixup_dive(), which is called everytime a dive is loaded or imported.

Signed-off-by: Berthold Stoeger
---
 core/dive.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'core')

diff --git a/core/dive.c b/core/dive.c
index 36b1376fa..e96036611 100644
--- a/core/dive.c
+++ b/core/dive.c
@@ -1208,6 +1208,17 @@ static void fixup_no_o2sensors(struct divecomputer *dc)
 }
 }

+static void fixup_dc_sample_sensors(struct divecomputer *dc, int nr_cylinders)
+{
+ for (int i = 0; i < dc->samples; i++) {
+ struct sample *s = dc->sample + i;
+ for (int j = 0; j < MAX_SENSORS; j++) {
+ if (s->sensor[j] < 0 || s->sensor[j] >= nr_cylinders)
+ s->sensor[j] = NO_SENSOR;
+ }
+ }
+}
+
 static void fixup_dive_dc(struct dive *dive, struct divecomputer *dc)
 {
 /* Fixup duration and mean depth */
@@ -1228,6 +1239,9 @@ static void fixup_dive_dc(struct dive *dive, struct divecomputer *dc)
 /* Fix up cylinder pressures based on DC info */
 fixup_dive_pressures(dive, dc);

+ /* Fix up cylinder ids in pressure sensors */
+ fixup_dc_sample_sensors(dc, dive->cylinders.nr);
+
 fixup_dc_events(dc);

 /* Fixup CCR / PSCR dives with o2sensor values, but without no_o2sensors */
--
cgit v1.2.3-70-g09d2
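Review bot: `fixup_dc_sample_sensors` in the `@@ -1208,6 +1208,17 @@` hunk has no comment stating the invariant it establishes, which is what every later reader of `sensor[]` relies on for memory safety. I would add above it `/* Sensor ids come from loaded or imported data: reset any id that is not a valid cylinder index to NO_SENSOR so later code cannot index past the cylinder table. */`. The `s->sensor[j] < 0` test only has an effect if the `sensor` field is a signed type, and the replacement is only safe if NO_SENSOR lies outside `0..nr_cylinders-1` and consumers test for it before indexing; neither definition is visible in the hunk, so both are worth confirming.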
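Review bot: The sanitisation in the `@@ -1228,6 +1239,9 @@` hunk is placed after `fixup_dive_pressures(dive, dc);`, so that function still runs on the unsanitised sensor ids from the loaded file. If it uses `s->sensor[j]` to index the dive's cylinders (its body is outside the hunk, so this is inferred from its name and comment), the out-of-bounds access described in the commit message can still occur on every load before the ids are reset. Moving the added comment and call above `/* Fix up cylinder pressures based on DC info */`, so that `fixup_dc_sample_sensors(dc, dive->cylinders.nr);` runs before `fixup_dive_pressures(dive, dc);`, would close that window. fixup_dive_dc starts and ends outside the hunk, so any earlier fixup step that reads sensor ids needs the same check.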