From ab1a825417c05c5ea67199ee51db2c66a3808118 Mon Sep 17 00:00:00 2001 From: Vladimir Zidar Date: Sun, 12 Jun 2022 23:24:26 +0200 Subject: [PATCH] LP-625 Fix for unsafe use of temporary data --- ground/gcs/src/plugins/flightlog/flightlogmanager.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ground/gcs/src/plugins/flightlog/flightlogmanager.cpp b/ground/gcs/src/plugins/flightlog/flightlogmanager.cpp index 902893ab0..b216e49f3 100644 --- a/ground/gcs/src/plugins/flightlog/flightlogmanager.cpp +++ b/ground/gcs/src/plugins/flightlog/flightlogmanager.cpp @@ -229,15 +229,16 @@ void FlightLogManager::retrieveLogs(int flightToRetrieve) // cycle until there is space for another object while (start + header_len + 1 < data_len) { memset(&fields, 0xFF, total_len); - uint8_t *tmp = logEntry->getData().Data; // avoid compiler warning regarding addressing a temporary make sure tmp lives until after memcpy - memcpy(&fields, &tmp[start], header_len); + ExtendedDebugLogEntry::DataFields tmp = logEntry->getData(); + memcpy(&fields, &tmp.Data[start], header_len); + // check wether a packed object is found // note that empty data blocks are set as 0xFF in flight side to minimize flash wearing // thus as soon as this read outside of used area, the test will fail as lenght would be 0xFFFF quint32 toread = header_len + fields.Size; if (!(toread + start > data_len)) { - uint8_t *tmp = logEntry->getData().Data; // avoid compiler warning regarding addressing a temporary make sure tmp lives until after memcpy - memcpy(&fields, &tmp[start], toread); + tmp = logEntry->getData(); + memcpy(&fields, &tmp.Data[start], toread); ExtendedDebugLogEntry *subEntry = new ExtendedDebugLogEntry(); subEntry->setData(fields, m_objectManager); m_logEntries << subEntry;