From b3afd60a73d2fa8ead92ffa8e66a264e64bafd12 Mon Sep 17 00:00:00 2001 From: Bogdan Pricop Date: Wed, 28 Oct 2015 14:19:45 +0000 Subject: [PATCH 01/14] Fix Klocwork#137: Non-void function does not return value Move getTimeStampClks() function to an *.S file It is fully implemented in assembly and we take care of returning value by filling in the proper value in the proper registers. Signed-off-by: Bogdan Pricop --- .gitignore | 1 + cores/arduino/utils.S | 43 ++++++++++++++++++++++++++++++++++++++++++ cores/arduino/wiring.c | 27 +------------------------- platform.txt | 3 +++ 4 files changed, 48 insertions(+), 26 deletions(-) create mode 100644 cores/arduino/utils.S diff --git a/.gitignore b/.gitignore index c523b483..908c9e9c 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ *.swp *.bin .* +cscope.* diff --git a/cores/arduino/utils.S b/cores/arduino/utils.S new file mode 100644 index 00000000..ae8f396b --- /dev/null +++ b/cores/arduino/utils.S @@ -0,0 +1,43 @@ +/* +Copyright (c) 2015 Intel Corporation. All right reserved. + +This library is free software; you can redistribute it and/or +modify it under the terms of the GNU Lesser General Public +License as published by the Free Software Foundation; either +version 2.1 of the License, or (at your option) any later version. + +This library is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +Lesser General Public License for more details. + +You should have received a copy of the GNU Lesser General Public +License along with this library; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +*/ + + +.globl getTimeStampClks +.type getTimeStampClks, %function + +getTimeStampClks: + /* Disable interrupts - we don't want to be disturbed */ + clri r2 + /* Load in r1 value of timer0_overflows */ + ld r1, [timer0_overflows] + /* Read COUNT0 register */ + lr r0, [0x21] + /* Read CONTROL0 register */ + lr r3, [0x22] + /* If CONTROL0.IP is set COUNT0 reached LIMIT0 => r1 value might not be + * accurate => read COUNT0 again */ + bbit0.nt r3, 3, end + /* Read COUNT0 again*/ + lr r0, [0x21] + /* Timer0 overflowed => timer0_overflows++ */ + add r1, r1, 1 + /***/ +end: + seti r2 + diff --git a/cores/arduino/wiring.c b/cores/arduino/wiring.c index 28637bea..9bf3ec03 100644 --- a/cores/arduino/wiring.c +++ b/cores/arduino/wiring.c @@ -29,32 +29,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA #define FREQ_MHZ ((ARCV2_TIMER0_CLOCK_FREQ)/1000000) static const uint64_t MS_TO_CLKS = (FREQ_MHZ * 1000); -static uint64_t getTimeStampClks(void) -{ - __asm__ volatile ( - /* Disable interrupts - we don't want to be disturbed */ - "clri r2 \n\t" - /* Load in r1 value of timer0_overflows */ - "ld r1, %0 \n\t" - /* Read COUNT0 register */ - "lr r0, [0x21] \n\t" - /* Read CONTROL0 register */ - "lr r3, [0x22] \n\t" - /* If CONTROL0.IP is set COUNT0 reached LIMIT0 => r1 value might not be - * accurate => read COUNT0 again */ - "bbit0.nt r3, 3, end \n\t" - /* Read COUNT0 again*/ - "lr r0, [0x21] \n\t" - /* Timer0 overflowed => timer0_overflows++ */ - "add r1, r1, 1 \n\t" - /***/ - "end: \n\t" - "seti r2 \n\t" - : /* Output parameters and their constraints */ - : "m"(timer0_overflows) /* Input parameters and their constraints */ - : "r0", "r1", "r2", "r3" /* Killed registers */ - ); -} +extern uint64_t getTimeStampClks(void); void delay(uint32_t msec) { diff --git a/platform.txt b/platform.txt index 649f6454..cb66cdb4 100644 --- a/platform.txt +++ b/platform.txt @@ -59,6 +59,9 @@ build.usb_manufacturer="Unknown" ## Compile c files recipe.c.o.pattern="{compiler.path}{compiler.c.cmd}" {compiler.c.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.c.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" +## Compile S files +recipe.S.o.pattern="{compiler.path}{compiler.c.cmd}" {compiler.c.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.c.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" + ## Compile c++ files recipe.cpp.o.pattern="{compiler.path}{compiler.cpp.cmd}" {compiler.cpp.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.cpp.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" From 62395e48e858c433a88c20523481382e90be21a3 Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:25:14 +0000 Subject: [PATCH 02/14] Fix Klocwork#1093: Infinite loop. * Added comment to verify requirement for infinite loop. Signed-off-by: Kevin Moloney --- cores/arduino/CDCSerialClass.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cores/arduino/CDCSerialClass.cpp b/cores/arduino/CDCSerialClass.cpp index 740375de..ad5c569e 100644 --- a/cores/arduino/CDCSerialClass.cpp +++ b/cores/arduino/CDCSerialClass.cpp @@ -120,7 +120,8 @@ int CDCSerialClass::read( void ) void CDCSerialClass::flush( void ) { - while (_tx_buffer->tail != _tx_buffer->head) { + while (_tx_buffer->tail != _tx_buffer->head) { /* This infinite loop is intentional + and requested by design */ delayMicroseconds(1); } } From db2995a78d772adb072ce743e77eece69a01d0d8 Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:28:23 +0000 Subject: [PATCH 03/14] Fix Klocwork#91: Infinite loop * Added comment to verify requirement for infinite loop. Signed-off-by: Kevin Moloney --- system/libarc32_arduino101/bootcode/interrupt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libarc32_arduino101/bootcode/interrupt.c b/system/libarc32_arduino101/bootcode/interrupt.c index eb45fee2..0cca8f3c 100644 --- a/system/libarc32_arduino101/bootcode/interrupt.c +++ b/system/libarc32_arduino101/bootcode/interrupt.c @@ -32,7 +32,7 @@ struct _IsrTableEntry __attribute__((section(".data"))) _IsrTable[SS_NUM_IRQS]; static void _dummy_isr(void) { __asm__ ("flag 0x01"); /* Set the halt flag => halt the CPU */ - for(;;); + for(;;); /* This infinite loop is intentional and requested by design */ } void interrupt_connect(unsigned int irq, void (*isr)(void)) From 5e71e700d4d1b66f9e68fc725653db9859660255 Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:30:11 +0000 Subject: [PATCH 04/14] Fix Klocwork#100: Infinite loop. * Added comment to verify requirement for infinite loop. Signed-off-by: Kevin Moloney --- cores/arduino/main.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cores/arduino/main.cpp b/cores/arduino/main.cpp index 47671266..11f7c374 100644 --- a/cores/arduino/main.cpp +++ b/cores/arduino/main.cpp @@ -42,7 +42,7 @@ int main( void ) setup(); - for (;;) + for (;;) /* This infinite loop is intentional and requested by design */ { loop(); if (serialEventRun) serialEventRun(); From cfe0a5df34a7f8b94724a9b99f02b5e62e42854b Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:33:00 +0000 Subject: [PATCH 05/14] Fix Klocwork#105: Pointer returned may be null. * Added a check for this null pointer. Signed-off-by: Kevin Moloney --- system/libarc32_arduino101/framework/src/os/os.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/system/libarc32_arduino101/framework/src/os/os.c b/system/libarc32_arduino101/framework/src/os/os.c index ec4f3881..63aa31f6 100644 --- a/system/libarc32_arduino101/framework/src/os/os.c +++ b/system/libarc32_arduino101/framework/src/os/os.c @@ -41,12 +41,15 @@ void * cfw_alloc(int size, OS_ERR_TYPE * err) { void * ptr; unsigned int flags = interrupt_lock(); ptr = malloc(size+sizeof(void*)); - (*(int*) ptr) = size; + if (ptr != NULL) { + (*(int*) ptr) = size; #ifdef TRACK_ALLOCS - alloc_count++; + alloc_count++; #endif - interrupt_unlock(flags); - return ptr; + interrupt_unlock(flags); + return ptr; + } else + return 0; } void cfw_free(void * ptr, OS_ERR_TYPE * err) { From 79008fa1132cd1c9790c50a3f96232f54774a1dd Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:38:07 +0000 Subject: [PATCH 06/14] Fix Klocwork#671: Infinite loop. * Added comment to verify requirement for infinite loop. Signed-off-by: Kevin Moloney --- system/libarc32_arduino101/framework/src/cfw/service_manager.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libarc32_arduino101/framework/src/cfw/service_manager.c b/system/libarc32_arduino101/framework/src/cfw/service_manager.c index 5452d52d..a6547a53 100644 --- a/system/libarc32_arduino101/framework/src/cfw/service_manager.c +++ b/system/libarc32_arduino101/framework/src/cfw/service_manager.c @@ -452,7 +452,7 @@ void _cfw_loop(void * queue) { struct cfw_message * message; T_QUEUE_MESSAGE m; - while (1) { + while (1) { /* This infinite loop is intentional and requested by design */ queue_get_message(queue, &m, OS_WAIT_FOREVER, NULL ); message = (struct cfw_message *) m; if (message != NULL ) { From 79744c4255d4c33d21b79bbc6f99922476ad3adf Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:40:38 +0000 Subject: [PATCH 07/14] Fix Klocwork#79,80,81,82: Uninitialized Variable. * using memset to initialize struct to zero. Signed-off-by: Kevin Moloney --- cores/arduino/i2c.c | 1 + 1 file changed, 1 insertion(+) diff --git a/cores/arduino/i2c.c b/cores/arduino/i2c.c index a23e76ff..1a674fee 100644 --- a/cores/arduino/i2c.c +++ b/cores/arduino/i2c.c @@ -110,6 +110,7 @@ int i2c_openadapter(void) SET_PIN_PULLUP(25, 1); i2c_cfg_data_t i2c_cfg; + memset(&i2c_cfg, 0, sizeof(i2c_cfg_data_t)); i2c_cfg.speed = I2C_SLOW; i2c_cfg.addressing_mode = I2C_7_Bit; From dd4845e5d4f7dca461587d8bc0cc998598b060bc Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:44:45 +0000 Subject: [PATCH 08/14] Fix Klocwork#2081,2082: Uninitialized variable. * using memset to initialize struct to zero. Signed-off-by: Kevin Moloney --- libraries/CurieBle/src/BleDevice.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/libraries/CurieBle/src/BleDevice.cpp b/libraries/CurieBle/src/BleDevice.cpp index 6c1a95ad..d3586932 100644 --- a/libraries/CurieBle/src/BleDevice.cpp +++ b/libraries/CurieBle/src/BleDevice.cpp @@ -387,6 +387,7 @@ BlePeripheral::getLocalAddress(BleDeviceAddress &address) const return BLE_STATUS_WRONG_STATE; ble_addr_t bda; + memset(&bda, 0, sizeof(ble_addr_t)); status = ble_client_gap_get_bda(&bda); if (BLE_STATUS_SUCCESS != status) return status; From 739c4007ba9c4b7a77d57628eb9ea31ab204d880 Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Wed, 28 Oct 2015 16:47:44 +0000 Subject: [PATCH 09/14] Fix Klocwork#543,544: Buffer overflow/null pointer * Added a check to ensure array does not access index value of -1. * Added a check for this null pointer. Signed-off-by: Kevin Moloney --- system/libarc32_arduino101/framework/src/infra/port.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/system/libarc32_arduino101/framework/src/infra/port.c b/system/libarc32_arduino101/framework/src/infra/port.c index 584f3f93..e9f7eef6 100644 --- a/system/libarc32_arduino101/framework/src/infra/port.c +++ b/system/libarc32_arduino101/framework/src/infra/port.c @@ -136,7 +136,7 @@ uint16_t port_alloc(void * queue) { struct port * ret = NULL; uint32_t flags = interrupt_lock(); - if (registered_port_count < MAX_PORTS) { + if ((registered_port_count < MAX_PORTS) && (registered_port_count >= 0)) { ports[registered_port_count].id = registered_port_count + 1; /* don't use 0 as port.*/ ports[registered_port_count].cpu_id = get_cpu_id(); /* is overwritten in case of ipc */ ports[registered_port_count].queue = queue; @@ -150,7 +150,10 @@ uint16_t port_alloc(void * queue) panic(E_OS_ERR_NO_MEMORY); } interrupt_unlock(flags); - return ret->id; + if (ret != NULL) + return ret->id; + else + return 0; } #else uint16_t port_alloc(void *queue) From 2ae262a2a87d0d85032da3d975e7f1385a02ea75 Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Thu, 29 Oct 2015 14:41:28 +0000 Subject: [PATCH 10/14] Fix Klocwork#2051,2060: Array may be outside index * Added check to ensure _data_len is within index values. * Had to repeat the branch statement rather than move it because of memcpy. Signed-off-by: Kevin Moloney --- libraries/CurieBle/src/BleCharacteristic.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libraries/CurieBle/src/BleCharacteristic.cpp b/libraries/CurieBle/src/BleCharacteristic.cpp index 3fb124ac..88a89ce0 100644 --- a/libraries/CurieBle/src/BleCharacteristic.cpp +++ b/libraries/CurieBle/src/BleCharacteristic.cpp @@ -165,6 +165,9 @@ BleCharacteristic::_setValue(void) if (!_initialised) return BLE_STATUS_WRONG_STATE; + if (_data_len > _char_data.max_len) + return BLE_STATUS_NOT_ALLOWED; + status = ble_client_gatts_set_attribute_value(_handles.value_handle, _data_len, _data, 0); if (BLE_STATUS_SUCCESS != status) From cacac37db51b7212b92f3e90ff944006771860c4 Mon Sep 17 00:00:00 2001 From: Bogdan Pricop Date: Thu, 29 Oct 2015 22:28:12 +0000 Subject: [PATCH 11/14] Fix Klocwork#137: Non-void function does not return value Change getTimeStampClks() implementation from assembly to C. Signed-off-by: Bogdan Pricop --- cores/arduino/utils.S | 43 ------------------------------------------ cores/arduino/wiring.c | 15 ++++++++++++++- platform.txt | 3 --- 3 files changed, 14 insertions(+), 47 deletions(-) delete mode 100644 cores/arduino/utils.S diff --git a/cores/arduino/utils.S b/cores/arduino/utils.S deleted file mode 100644 index ae8f396b..00000000 --- a/cores/arduino/utils.S +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright (c) 2015 Intel Corporation. All right reserved. - -This library is free software; you can redistribute it and/or -modify it under the terms of the GNU Lesser General Public -License as published by the Free Software Foundation; either -version 2.1 of the License, or (at your option) any later version. - -This library is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -Lesser General Public License for more details. - -You should have received a copy of the GNU Lesser General Public -License along with this library; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -*/ - - -.globl getTimeStampClks -.type getTimeStampClks, %function - -getTimeStampClks: - /* Disable interrupts - we don't want to be disturbed */ - clri r2 - /* Load in r1 value of timer0_overflows */ - ld r1, [timer0_overflows] - /* Read COUNT0 register */ - lr r0, [0x21] - /* Read CONTROL0 register */ - lr r3, [0x22] - /* If CONTROL0.IP is set COUNT0 reached LIMIT0 => r1 value might not be - * accurate => read COUNT0 again */ - bbit0.nt r3, 3, end - /* Read COUNT0 again*/ - lr r0, [0x21] - /* Timer0 overflowed => timer0_overflows++ */ - add r1, r1, 1 - /***/ -end: - seti r2 - diff --git a/cores/arduino/wiring.c b/cores/arduino/wiring.c index 9bf3ec03..634fe75c 100644 --- a/cores/arduino/wiring.c +++ b/cores/arduino/wiring.c @@ -29,7 +29,20 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA #define FREQ_MHZ ((ARCV2_TIMER0_CLOCK_FREQ)/1000000) static const uint64_t MS_TO_CLKS = (FREQ_MHZ * 1000); -extern uint64_t getTimeStampClks(void); +static inline __attribute__((always_inline)) +uint64_t getTimeStampClks(void) +{ + uint32_t time_stamp; + int key = interrupt_lock(); + uint64_t ret = timer0_overflows; + time_stamp = aux_reg_read(ARC_V2_TMR0_COUNT); + if (aux_reg_read(ARC_V2_TMR0_CONTROL) & (0x01 << 3)) { + time_stamp = aux_reg_read(ARC_V2_TMR0_COUNT); + ret++; + } + interrupt_unlock(key); + return ((ret << 32) | time_stamp); +} void delay(uint32_t msec) { diff --git a/platform.txt b/platform.txt index cb66cdb4..649f6454 100644 --- a/platform.txt +++ b/platform.txt @@ -59,9 +59,6 @@ build.usb_manufacturer="Unknown" ## Compile c files recipe.c.o.pattern="{compiler.path}{compiler.c.cmd}" {compiler.c.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.c.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" -## Compile S files -recipe.S.o.pattern="{compiler.path}{compiler.c.cmd}" {compiler.c.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.c.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" - ## Compile c++ files recipe.cpp.o.pattern="{compiler.path}{compiler.cpp.cmd}" {compiler.cpp.flags} -DF_CPU={build.f_cpu} -DARDUINO={runtime.ide.version} -DARDUINO_{build.board} -DARDUINO_ARCH_{build.arch} {compiler.cpp.extra_flags} {build.extra_flags} {includes} "{source_file}" -o "{object_file}" From 344f90d892d33c47f121cc374643c5e28b51bbdd Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Tue, 3 Nov 2015 15:38:37 +0000 Subject: [PATCH 12/14] Fix Klocwork#2051,2060: Array may be outside index * Added check to ensure _data_len is within index values. * Had to repeat the branch statement rather than move it because of memcpy. Signed-off-by: Kevin Moloney --- libraries/CurieBle/src/BleCharacteristic.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/CurieBle/src/BleCharacteristic.cpp b/libraries/CurieBle/src/BleCharacteristic.cpp index 88a89ce0..10099aa0 100644 --- a/libraries/CurieBle/src/BleCharacteristic.cpp +++ b/libraries/CurieBle/src/BleCharacteristic.cpp @@ -165,7 +165,7 @@ BleCharacteristic::_setValue(void) if (!_initialised) return BLE_STATUS_WRONG_STATE; - if (_data_len > _char_data.max_len) + if (_data_len > BLE_MAX_ATTR_DATA_LEN) return BLE_STATUS_NOT_ALLOWED; status = ble_client_gatts_set_attribute_value(_handles.value_handle, From afcc4efd16a7c7b9d915913d641a76f0b448eb3d Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Tue, 3 Nov 2015 15:38:37 +0000 Subject: [PATCH 13/14] Fix Klocwork#2051,2060: Array may be outside index * Added check to ensure _data_len is within index values. * Had to repeat the branch statement rather than move it because of memcpy. * Fixed bug introduced(c8ecd5f) in WString.h when "len" became protected. Signed-off-by: Kevin Moloney --- libraries/CurieBle/src/BleCharacteristic.cpp | 4 ++-- libraries/CurieBle/src/BleDescriptor.cpp | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/libraries/CurieBle/src/BleCharacteristic.cpp b/libraries/CurieBle/src/BleCharacteristic.cpp index 88a89ce0..08fc678a 100644 --- a/libraries/CurieBle/src/BleCharacteristic.cpp +++ b/libraries/CurieBle/src/BleCharacteristic.cpp @@ -165,7 +165,7 @@ BleCharacteristic::_setValue(void) if (!_initialised) return BLE_STATUS_WRONG_STATE; - if (_data_len > _char_data.max_len) + if ((_data_len > BLE_MAX_ATTR_DATA_LEN) && (_data_len > _char_data.max_len)) return BLE_STATUS_NOT_ALLOWED; status = ble_client_gatts_set_attribute_value(_handles.value_handle, @@ -204,7 +204,7 @@ BleStatus BleCharacteristic::setValue(const String &str) { str.getBytes((unsigned char *)&_data, (unsigned int)_char_data.max_len, 0U); - _data_len = str.len + 1; + _data_len = str.length() + 1; return _setValue(); } diff --git a/libraries/CurieBle/src/BleDescriptor.cpp b/libraries/CurieBle/src/BleDescriptor.cpp index 3442f1a0..712f5394 100644 --- a/libraries/CurieBle/src/BleDescriptor.cpp +++ b/libraries/CurieBle/src/BleDescriptor.cpp @@ -70,6 +70,9 @@ BleDescriptor::_setValue(void) if (!_initialised) return BLE_STATUS_WRONG_STATE; + if (_desc.length > BLE_MAX_ATTR_DATA_LEN) + return BLE_STATUS_NOT_ALLOWED; + return ble_client_gatts_set_attribute_value(_handle, _desc.length, _data, 0); } @@ -93,7 +96,7 @@ BleStatus BleDescriptor::setValue(const String &str) { str.getBytes((unsigned char *)&_data, (unsigned int)BLE_MAX_ATTR_DATA_LEN, 0U); - _desc.length = str.len + 1; + _desc.length = str.length() + 1; return _setValue(); } From 3759bcd7fc648ae686de973af3df50f92e2dff9f Mon Sep 17 00:00:00 2001 From: Kevin Moloney Date: Thu, 5 Nov 2015 17:39:14 +0000 Subject: [PATCH 14/14] Fix Klocwork#2051,2060: Array may be outside index Change && to || Signed-off-by: Kevin Moloney --- libraries/CurieBle/src/BleCharacteristic.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/CurieBle/src/BleCharacteristic.cpp b/libraries/CurieBle/src/BleCharacteristic.cpp index 08fc678a..d3a088c7 100644 --- a/libraries/CurieBle/src/BleCharacteristic.cpp +++ b/libraries/CurieBle/src/BleCharacteristic.cpp @@ -165,7 +165,7 @@ BleCharacteristic::_setValue(void) if (!_initialised) return BLE_STATUS_WRONG_STATE; - if ((_data_len > BLE_MAX_ATTR_DATA_LEN) && (_data_len > _char_data.max_len)) + if ((_data_len > BLE_MAX_ATTR_DATA_LEN) || (_data_len > _char_data.max_len)) return BLE_STATUS_NOT_ALLOWED; status = ble_client_gatts_set_attribute_value(_handles.value_handle,