Bluetooth: Mesh: Add msg length check for Cfg and Health models

According to spec we should ignore messages with incorrect msg size. This patch adds a check to every opcode handler. Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
2021-04-27 15:59:54 +02:00 · 2021-04-27 15:59:54 +02:00 · ca53e86f67
commit ca53e86f67
parent b9422ea9f3
6 changed files with 215 additions and 111 deletions
--- a/include/bluetooth/mesh/access.h
+++ b/include/bluetooth/mesh/access.h
@ -166,8 +166,13 @@ struct bt_mesh_model_op {
 	/** OpCode encoded using the BT_MESH_MODEL_OP_* macros */
 	const uint32_t  opcode;

-	/** Minimum required message length */
-	const size_t min_len;
+	/** Message length. If the message has variable length then this value
+	 *  indicates minimum message length and should be positive. Handler
+	 *  function should verify precise length based on the contents of the
+	 *  message. If the message has fixed length then this value should
+	 *  be negative. Use BT_MESH_LEN_* macros when defining this value.
+	 */
+	const ssize_t len;

 	/** @brief Handler function for this opcode.
 	 *
@ -187,6 +192,11 @@ struct bt_mesh_model_op {
 #define BT_MESH_MODEL_OP_2(b0, b1) (((b0) << 8) | (b1))
 #define BT_MESH_MODEL_OP_3(b0, cid) ((((b0) << 16) | 0xc00000) | (cid))

+/** Macro for encoding exact message length for fixed-length messages.  */
+#define BT_MESH_LEN_EXACT(len) (-len)
+/** Macro for encoding minimum message length for variable-length messages.  */
+#define BT_MESH_LEN_MIN(len) (len)
+
 /** End of the opcode list. Must always be present. */
 #define BT_MESH_MODEL_OP_END { 0, 0, NULL }
 /** Helper to define an empty opcode list. */