InfiniTime.git

commit fe4b07c610261df6b2d63e5b216248a6c8e78d8c

Author: Jean-François Milants <jf@codingfield.com>

Simple Weather Service : fix out of bounds access while creating Forecast instance.


 src/components/ble/SimpleWeatherService.cpp | 8 ++++++--
 src/components/ble/SimpleWeatherService.h | 4 +++-


diff --git a/src/components/ble/SimpleWeatherService.cpp b/src/components/ble/SimpleWeatherService.cpp
index 729e9352a037a446851fc86fd2ea069d85382e0f..9735f2d1e688c604af899f7442775c65cc2c8560 100644
--- a/src/components/ble/SimpleWeatherService.cpp
+++ b/src/components/ble/SimpleWeatherService.cpp
@@ -19,6 +19,8 @@ #include 
 #include "SimpleWeatherService.h"
 #include <cstring>
 #include <nrf_log.h>
+#include <array>
+
 using namespace Pinetime::Controllers;
 
 namespace {
@@ -42,8 +44,10 @@   SimpleWeatherService::Forecast CreateForecast(const uint8_t* dataBuffer) {
     uint64_t timestamp = static_cast<uint64_t>(dataBuffer[2] + (dataBuffer[3] << 8) + (dataBuffer[4] << 16) + (dataBuffer[5] << 24) +
                                                ((uint64_t) dataBuffer[6] << 32) + ((uint64_t) dataBuffer[7] << 40) +
                                                ((uint64_t) dataBuffer[8] << 48) + ((uint64_t) dataBuffer[9] << 54));
-    uint8_t nbDays = dataBuffer[10];
-    std::array<SimpleWeatherService::Forecast::Day, 5> days;
+
+    std::array<SimpleWeatherService::Forecast::Day, SimpleWeatherService::MaxNbForecastDays> days;
+    const uint8_t nbDaysInBuffer = dataBuffer[10];
+    const uint8_t nbDays = std::min(SimpleWeatherService::MaxNbForecastDays, nbDaysInBuffer);
     for (int i = 0; i < nbDays; i++) {
       days[i] = SimpleWeatherService::Forecast::Day {dataBuffer[11 + (i * 3)], dataBuffer[12 + (i * 3)], dataBuffer[13 + (i * 3)]};
     }




diff --git a/src/components/ble/SimpleWeatherService.h b/src/components/ble/SimpleWeatherService.h
index 9a023af1e7878e6c15d162f922300353bdbaf99d..a16254646c195cdb05e2f08b3b1d3abb32a7680f 100644
--- a/src/components/ble/SimpleWeatherService.h
+++ b/src/components/ble/SimpleWeatherService.h
@@ -46,6 +46,8 @@       void Init();
 
       int OnCommand(struct ble_gatt_access_ctxt* ctxt);
 
+      static constexpr uint8_t MaxNbForecastDays = 5;
+
       enum class Icons : uint8_t {
         Sun = 0,       // ClearSky
         CloudsSun = 1, // FewClouds
@@ -96,7 +98,7 @@           uint8_t maxTemperature;
           uint8_t iconId;
         };
 
-        std::array<Day, 5> days;
+        std::array<Day, MaxNbForecastDays> days;
       };
 
       std::optional<CurrentWeather> Current() const;