From 3fb0de859f4f954558e25d298682aabbaf6246ba Mon Sep 17 00:00:00 2001 From: Johny Mattsson Date: Sun, 10 Jan 2016 17:32:17 +1100 Subject: [PATCH] Range check the tmr interval value. Plain SDK 1.5.0 bugs out for values >6871948 or so - this commit does not do anything to mitigate that. --- app/modules/tmr.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/modules/tmr.c b/app/modules/tmr.c index cb13d45e..2a3dc724 100755 --- a/app/modules/tmr.c +++ b/app/modules/tmr.c @@ -140,10 +140,11 @@ static int tmr_register(lua_State* L){ sint32_t interval = luaL_checkinteger(L, 2); uint8_t mode = luaL_checkinteger(L, 3); //validate arguments - uint8_t args_valid = interval <= 0 + const int32_t MAX_TIMEOUT = 0xC49BA5; // assuming system_timer_reinit() has *not* been called + uint8_t args_invalid = (interval <= 0 || interval > MAX_TIMEOUT) || (mode != TIMER_MODE_SINGLE && mode != TIMER_MODE_SEMI && mode != TIMER_MODE_AUTO) || (lua_type(L, 4) != LUA_TFUNCTION && lua_type(L, 4) != LUA_TLIGHTFUNCTION); - if(args_valid) + if(args_invalid) return luaL_error(L, "wrong arg range"); //get the lua function reference lua_pushvalue(L, 4);