Commit Graph

24 Commits

Author SHA1 Message Date
Stefan Kerkmann
1983421b7d
XAP: prevent OOB reads in config blob handler (#18926)
This fixes two bugs:

1. An invalid offset could be specified which wasn't checked to be in
   the bounds of the config blob.
2. The data_len check was incorrect as it would allow reading one byte
   past the config blob lenght.

Before the changes the following operation wouldn't fail:

Assuming we have blob of 64 bytes size and attempt a read with an
offset of 32 and data_len of 32, we actually try to read 32 bytes
starting from the 33. byte in the config blob. This reads exactly
one byte past array. Therefore we have to subtract one byte the get
the correct length.
2022-11-01 15:54:56 +00:00
zvecr
edc14b29be Dump lighting maps out of inline gen 2022-10-16 23:55:44 +01:00
zvecr
019d3f4877 Finish stub for effect mapping 2022-09-29 23:44:19 +01:00
zvecr
f81328068e stash more lighting 2022-09-29 23:44:19 +01:00
zvecr
1dbb4c0f96 stash 2022-09-29 23:44:19 +01:00
zvecr
f4e5901726 Strip out 'permissions: ignore' 2022-07-13 23:50:01 +01:00
zvecr
956bd3b7ca Refactor based on recent discussion 2022-06-19 22:04:36 +01:00
zvecr
17dbcedc8b bind xap_broadcast_secure_status to secure_hook_quantum 2022-05-22 22:47:50 +01:00
zvecr
d19285019d All other subsystems are disabled during unlock 2022-04-12 01:37:31 +01:00
zvecr
1ea2928d2a XAP messages extend timeout? 2022-04-11 02:14:19 +01:00
zvecr
05b5a4c23a format 2022-04-11 01:08:37 +01:00
zvecr
79db2df228 Allow secure to be slightly more optional 2022-04-11 01:07:22 +01:00
zvecr
89fab427c4 stub out secure as its own feature 2022-04-11 00:43:18 +01:00
zvecr
e7d9d6675c Implement codegen for more data types - codegen for return_execute stubs removed 2022-04-01 23:38:13 +01:00
zvecr
c5842ab9b5 stub out return_execute with zero args 2022-04-01 00:44:27 +01:00
Nick Brassel
ffcdfc6c03 Swap info.json.gz length to #define. 2022-04-01 08:15:33 +11:00
zvecr
0f5ced0521 claim back a few bytes 2022-03-31 19:14:35 +01:00
zvecr
fe1a4a52d4 clang 2022-03-31 01:23:19 +01:00
zvecr
646fdc7d17 Rework code gen for return of dynamic variables 2022-03-31 01:18:26 +01:00
zvecr
6269c6b51c partial gen for return_execute 2022-03-30 23:20:14 +01:00
zvecr
ff1bb76537 basic info.json handling 2022-03-28 21:06:16 +01:00
zvecr
c27edf4e64 vusb prep 2022-03-18 20:23:28 +00:00
Nick Brassel
c3ac89d1c9 qmk format-c, qmk format-python 2022-03-09 20:01:20 +11:00
Nick Brassel
eba91c6e28 Initial implementation of XAP protocol. 2021-08-11 21:08:32 +10:00