Fixed array index out of range for binary-value, multistate-output, and lighting-output objects. Thanks, Roy! (#430)

Co-authored-by: Steve Karg <skarg@users.sourceforge.net>
2023-05-09 15:58:28 -05:00
parent 65792ab408
commit f59a460292
3 changed files with 154 additions and 275 deletions
@@ -216,58 +216,33 @@ float Lighting_Output_Present_Value(uint32_t object_instance)
 }

 /**
- * For a given object instance-number, determines the value at a
- * given priority.
- *
- * @param  object_instance - object-instance number of the object
- * @param  priority - priority 1..16
- *
- * @return  priority-value of the object
+ * @brief Encode a BACnetARRAY property element
+ * @param object_instance [in] BACnet network port object instance number
+ * @param priority [in] array index requested:
+ *    0 to N for individual array members
+ * @param apdu [out] Buffer in which the APDU contents are built, or NULL to
+ * return the length of buffer if it had been built
+ * @return The length of the apdu encoded or
+ *   BACNET_STATUS_ERROR for ERROR_CODE_INVALID_ARRAY_INDEX
 */
-static float Lighting_Output_Priority_Value(
-    uint32_t object_instance, unsigned priority)
+static int Lighting_Output_Priority_Array_Encode(
+    uint32_t object_instance, BACNET_ARRAY_INDEX priority, uint8_t *apdu)
 {
-    float value = 0.0;
+    int apdu_len = BACNET_STATUS_ERROR;
+    float real_value = 0.0;
    unsigned index = 0;

    index = Lighting_Output_Instance_To_Index(object_instance);
-    if (index < MAX_LIGHTING_OUTPUTS) {
-        if (priority && (priority <= BACNET_MAX_PRIORITY)) {
-            priority--;
-            value = Lighting_Output[index].Priority_Array[priority];
+    if ((index < MAX_LIGHTING_OUTPUTS) && (priority < BACNET_MAX_PRIORITY)) {
+        if (BIT_CHECK(Lighting_Output[index].Priority_Active_Bits, priority)) {
+            real_value = Lighting_Output[index].Priority_Array[priority];
+            apdu_len = encode_application_real(apdu, real_value);
+        } else {
+            apdu_len = encode_application_null(apdu);
        }
    }

-    return value;
-}
-
-/**
- * For a given object instance-number, determines if the given priority
- * is active or NULL.
- *
- * @param  object_instance - object-instance number of the object
- * @param  priority - priority 1..16
- *
- * @return  true if the priority slot is active
- */
-static bool Lighting_Output_Priority_Active(
-    uint32_t object_instance, unsigned priority)
-{
-    bool status = false;
-    unsigned index = 0;
-
-    index = Lighting_Output_Instance_To_Index(object_instance);
-    if (index < MAX_LIGHTING_OUTPUTS) {
-        if (priority && (priority <= BACNET_MAX_PRIORITY)) {
-            priority--;
-            if (BIT_CHECK(
-                    Lighting_Output[index].Priority_Active_Bits, priority)) {
-                status = true;
-            }
-        }
-    }
-
-    return status;
+    return apdu_len;
 }

 /**
@@ -908,8 +883,8 @@ bool Lighting_Output_Relinquish_Default_Set(
 */
 int Lighting_Output_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
 {
-    int len = 0;
    int apdu_len = 0; /* return value */
+    int apdu_size = 0;
    BACNET_BIT_STRING bit_string;
    BACNET_CHARACTER_STRING char_string;
    BACNET_LIGHTING_COMMAND lighting_command;
@@ -924,6 +899,7 @@ int Lighting_Output_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
        return 0;
    }
    apdu = rpdata->application_data;
+    apdu_size = rpdata->application_data_len;
    switch (rpdata->object_property) {
        case PROP_OBJECT_IDENTIFIER:
            apdu_len = encode_application_object_id(
@@ -999,59 +975,15 @@ int Lighting_Output_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
            apdu_len = encode_application_real(&apdu[0], real_value);
            break;
        case PROP_PRIORITY_ARRAY:
-            /* Array element zero is the number of elements in the array */
-            if (rpdata->array_index == 0) {
-                apdu_len =
-                    encode_application_unsigned(&apdu[0], BACNET_MAX_PRIORITY);
-                /* if no index was specified, then try to encode the entire list
-                 */
-                /* into one packet. */
-            } else if (rpdata->array_index == BACNET_ARRAY_ALL) {
-                for (i = 1; i <= BACNET_MAX_PRIORITY; i++) {
-                    if (Lighting_Output_Priority_Active(
-                            rpdata->object_instance, i)) {
-                        real_value = Lighting_Output_Priority_Value(
-                            rpdata->object_instance, i);
-                        len = encode_application_real(
-                            &apdu[apdu_len], real_value);
-                    } else {
-                        len = encode_application_null(&apdu[apdu_len]);
-                    }
-                    /* add it if we have room */
-                    if ((apdu_len + len) < MAX_APDU) {
-                        apdu_len += len;
-                    } else {
-                        rpdata->error_code =
-                            ERROR_CODE_ABORT_SEGMENTATION_NOT_SUPPORTED;
-                        apdu_len = BACNET_STATUS_ABORT;
-                        break;
-                    }
-                }
-            } else {
-                if (rpdata->array_index <= BACNET_MAX_PRIORITY) {
-                    if (Lighting_Output_Priority_Active(
-                            rpdata->object_instance, rpdata->array_index)) {
-                        real_value = Lighting_Output_Priority_Value(
-                            rpdata->object_instance, rpdata->array_index);
-                        len = encode_application_real(
-                            &apdu[apdu_len], real_value);
-                    } else {
-                        len = encode_application_null(&apdu[apdu_len]);
-                    }
-                    /* add it if we have room */
-                    if ((apdu_len + len) < MAX_APDU) {
-                        apdu_len += len;
-                    } else {
-                        rpdata->error_code =
-                            ERROR_CODE_ABORT_SEGMENTATION_NOT_SUPPORTED;
-                        apdu_len = BACNET_STATUS_ABORT;
-                        break;
-                    }
-                } else {
-                    rpdata->error_class = ERROR_CLASS_PROPERTY;
-                    rpdata->error_code = ERROR_CODE_INVALID_ARRAY_INDEX;
-                    apdu_len = BACNET_STATUS_ERROR;
-                }
+            apdu_len = bacnet_array_encode(rpdata->object_instance,
+                rpdata->array_index, Lighting_Output_Priority_Array_Encode,
+                BACNET_MAX_PRIORITY, apdu, apdu_size);
+            if (apdu_len == BACNET_STATUS_ABORT) {
+                rpdata->error_code =
+                    ERROR_CODE_ABORT_SEGMENTATION_NOT_SUPPORTED;
+            } else if (apdu_len == BACNET_STATUS_ERROR) {
+                rpdata->error_class = ERROR_CLASS_PROPERTY;
+                rpdata->error_code = ERROR_CODE_INVALID_ARRAY_INDEX;
            }
            break;
        case PROP_RELINQUISH_DEFAULT:
@@ -1229,7 +1161,7 @@ static void Lighting_Output_Ramp_Handler(struct lighting_output_object *pLight,
    uint16_t milliseconds)
 {
    if (pLight && pCommand) {
-        /* FIXME: add ramp functionality */ 
+        /* FIXME: add ramp functionality */
        (void)pLight;
        (void)pCommand;
        (void)milliseconds;
@@ -1248,11 +1180,11 @@ static void Lighting_Output_Fade_Handler(struct lighting_output_object *pLight,
    BACNET_LIGHTING_COMMAND *pCommand,
    uint16_t milliseconds)
 {
-    if (pLight && pCommand) { 
-        /* FIXME: add fade functionality */ 
+    if (pLight && pCommand) {
+        /* FIXME: add fade functionality */
        (void)pLight;
        (void)pCommand;
-        (void)milliseconds;        
+        (void)milliseconds;
    }
 }