Skip to content

Commit 5809311

Browse files
vwoutvwout
committed
Perform message length verification before message parsing on inquiry responses
1 parent 3be8d5a commit 5809311

File tree

1 file changed

+42
-13
lines changed

1 file changed

+42
-13
lines changed

libvisca.lua

+42-13
Original file line numberDiff line numberDiff line change
@@ -395,6 +395,7 @@ end
395395
function Visca.PayloadReply:get_inquiry_data_for(inquiry_payload)
396396
local _,_,category,inquiry_command = unpack(inquiry_payload)
397397
local data = {}
398+
local unsupported_nr_of_arguments = false
398399

399400
if category == Visca.categories.interface then
400401
if inquiry_command == Visca.inquiry_commands.software_version then
@@ -410,25 +411,39 @@ function Visca.PayloadReply:get_inquiry_data_for(inquiry_payload)
410411
rom_version = bit.lshift(self.arguments[5] or 0, 8) + (self.arguments[6] or 0),
411412
max_nr_sockets = bit.band(self.arguments[7] or 0, 0x0F),
412413
}
414+
else
415+
unsupported_nr_of_arguments = true
413416
end
414417
end
415418
elseif category == Visca.categories.camera then
416419
if inquiry_command == Visca.inquiry_commands.color_gain then
417-
data = {
418-
color_level = bit.band(self.arguments[4] or 0, 0x0F)
419-
}
420+
if self.argument_cnt == 4 then
421+
data = {
422+
color_level = bit.band(self.arguments[4] or 0, 0x0F)
423+
}
424+
else
425+
unsupported_nr_of_arguments = true
426+
end
420427
elseif inquiry_command == Visca.inquiry_commands.brightness_position then
421-
data = {
422-
brightness = bit.lshift(bit.band(self.arguments[3] or 0, 0x0F), 4) +
423-
bit.band(self.arguments[4] or 0, 0x0F),
424-
}
428+
if self.argument_cnt == 4 then
429+
data = {
430+
brightness = bit.lshift(bit.band(self.arguments[3] or 0, 0x0F), 4) +
431+
bit.band(self.arguments[4] or 0, 0x0F),
432+
}
433+
else
434+
unsupported_nr_of_arguments = true
435+
end
425436
elseif inquiry_command == Visca.inquiry_commands.zoom_position then
426-
data = {
427-
zoom = bit.lshift(bit.band(self.arguments[1] or 0, 0x0F), 12) +
428-
bit.lshift(bit.band(self.arguments[2] or 0, 0x0F), 8) +
429-
bit.lshift(bit.band(self.arguments[3] or 0, 0x0F), 4) +
430-
bit.band(self.arguments[4] or 0, 0x0F),
431-
}
437+
if self.argument_cnt == 4 then
438+
data = {
439+
zoom = bit.lshift(bit.band(self.arguments[1] or 0, 0x0F), 12) +
440+
bit.lshift(bit.band(self.arguments[2] or 0, 0x0F), 8) +
441+
bit.lshift(bit.band(self.arguments[3] or 0, 0x0F), 4) +
442+
bit.band(self.arguments[4] or 0, 0x0F),
443+
}
444+
else
445+
unsupported_nr_of_arguments = true
446+
end
432447
end
433448
elseif category == Visca.categories.pan_tilter then
434449
if inquiry_command == Visca.inquiry_commands.pantilt_position then
@@ -457,6 +472,20 @@ function Visca.PayloadReply:get_inquiry_data_for(inquiry_payload)
457472
bit.lshift(bit.band(self.arguments[8] or 0, 0x0F), 4) +
458473
bit.band(self.arguments[9] or 0, 0x0F)
459474
}
475+
else
476+
unsupported_nr_of_arguments = true
477+
end
478+
end
479+
end
480+
481+
if next(data) == nil then
482+
if Visca.debug then
483+
if unsupported_nr_of_arguments then
484+
print(string.format("Unsupported number of arguments received for inquiry %d (%d)",
485+
inquiry_command, self.argument_cnt))
486+
else
487+
print(string.format("Unsupported inquiry type received (%d) for command category %d",
488+
inquiry_command, category))
460489
end
461490
end
462491
end

0 commit comments

Comments
 (0)