@@ -515,6 +515,12 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
515
515
// Setting a static upper bound on the maximum buffer size allocation for regular sized messages (not large).
516
516
static_assert (PacketBuffer::kMaxSizeWithoutReserve <= UINT16_MAX, " kMaxSizeWithoutReserve should not exceed UINT16_MAX." );
517
517
518
+ #if INET_CONFIG_ENABLE_TCP_ENDPOINT
519
+ static_assert (PacketBuffer::kLargeBufMaxSizeWithoutReserve <= UINT32_MAX, " Max size for Large payload buffers" );
520
+ static_assert (PacketBuffer::kMaxSizeWithoutReserve < PacketBuffer::kLargeBufMaxSizeWithoutReserve ,
521
+ " Large buffer configuration should be greater than the conventional buffer limit" );
522
+ #endif // INET_CONFIG_ENABLE_TCP_ENDPOINT
523
+
518
524
// Ensure that aAvailableSize is bound within a max and is not big enough to cause overflow during
519
525
// subsequent addition of all the sizes.
520
526
if (aAvailableSize > UINT32_MAX)
@@ -557,7 +563,7 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
557
563
558
564
CHIP_SYSTEM_FAULT_INJECT (FaultInjection::kFault_PacketBufferNew , return PacketBufferHandle ());
559
565
560
- if (lAllocSize > PacketBuffer::kMaxSizeWithoutReserve )
566
+ if (lAllocSize > PacketBuffer::kMaxAllocSize )
561
567
{
562
568
ChipLogError (chipSystemLayer, " PacketBuffer: allocation exceeding buffer capacity limits." );
563
569
return PacketBufferHandle ();
@@ -621,18 +627,15 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
621
627
PacketBufferHandle PacketBufferHandle::NewWithData (const void * aData, size_t aDataSize, size_t aAdditionalSize,
622
628
uint16_t aReservedSize)
623
629
{
624
- if (aDataSize > UINT16_MAX)
625
- {
626
- ChipLogError (chipSystemLayer, " PacketBuffer: allocation too large." );
627
- return PacketBufferHandle ();
628
- }
629
630
// Since `aDataSize` fits in uint16_t, the sum `aDataSize + aAdditionalSize` will not overflow.
630
631
// `New()` will only return a non-null buffer if the total allocation size does not overflow.
631
632
PacketBufferHandle buffer = New (aDataSize + aAdditionalSize, aReservedSize);
632
633
if (buffer.mBuffer != nullptr )
633
634
{
634
635
memcpy (buffer.mBuffer ->payload , aData, aDataSize);
635
636
#if CHIP_SYSTEM_CONFIG_USE_LWIP
637
+ // The VerifyOrDie() in the New() call catches buffer allocations greater
638
+ // than UINT16_MAX for LwIP based platforms.
636
639
buffer.mBuffer ->len = buffer.mBuffer ->tot_len = static_cast <uint16_t >(aDataSize);
637
640
#else
638
641
buffer.mBuffer ->len = buffer.mBuffer ->tot_len = aDataSize;
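Review bot: Dropping the `aDataSize > UINT16_MAX` guard at the top of NewWithData() leaves the comment "Since `aDataSize` fits in uint16_t, the sum `aDataSize + aAdditionalSize` will not overflow" false, and the `size_t` sum can now wrap before New() sees it; a wrapped (small) total passes New()'s range checks, and the following `memcpy(buffer.mBuffer->payload, aData, aDataSize)` then copies the original, unwrapped `aDataSize` into a buffer sized for the wrapped value. On 32-bit targets the `aAvailableSize > UINT32_MAX` check in New() is vacuous, so this function is the only place the two operands can be bounded before the addition. I would bound both against `PacketBuffer::kMaxAllocSize` ahead of the sum and reword the comment to say so; the new LwIP comment also relies on a `VerifyOrDie()` in New() that is not visible in this diff, so that claim should be confirmed against New(). NewWithData's body continues past the end of the hunk.
```cpp
PacketBufferHandle PacketBufferHandle::NewWithData(const void * aData, size_t aDataSize, size_t aAdditionalSize,
                                                   uint16_t aReservedSize)
{
    // Bound both operands before adding so the size_t sum cannot wrap; New() re-checks the total.
    if (aDataSize > PacketBuffer::kMaxAllocSize || aAdditionalSize > PacketBuffer::kMaxAllocSize - aDataSize)
    {
        ChipLogError(chipSystemLayer, "PacketBuffer: allocation too large.");
        return PacketBufferHandle();
    }

    PacketBufferHandle buffer = New(aDataSize + aAdditionalSize, aReservedSize);
    // … unchanged: memcpy and len/tot_len assignment …
```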
@@ -755,18 +758,20 @@ PacketBufferHandle PacketBufferHandle::CloneData() const
755
758
size_t originalDataSize = original->MaxDataLength ();
756
759
uint16_t originalReservedSize = original->ReservedSize ();
757
760
758
- if (originalDataSize + originalReservedSize > PacketBuffer::kMaxSizeWithoutReserve )
761
+ uint32_t maxSize = PacketBuffer::kMaxAllocSize ;
762
+
763
+ if (originalDataSize + originalReservedSize > maxSize)
759
764
{
760
765
// The original memory allocation may have provided a larger block than requested (e.g. when using a shared pool),
761
766
// and in particular may have provided a larger block than we are able to request from PackBufferHandle::New().
762
767
// It is a genuine error if that extra space has been used.
763
- if (originalReservedSize + original->DataLength () > PacketBuffer:: kMaxSizeWithoutReserve )
768
+ if (originalReservedSize + original->DataLength () > maxSize )
764
769
{
765
770
return PacketBufferHandle ();
766
771
}
767
772
// Otherwise, reduce the requested data size. This subtraction can not underflow because the above test
768
- // guarantees originalReservedSize <= PacketBuffer::kMaxSizeWithoutReserve .
769
- originalDataSize = PacketBuffer:: kMaxSizeWithoutReserve - originalReservedSize;
773
+ // guarantees originalReservedSize <= maxSize .
774
+ originalDataSize = maxSize - originalReservedSize;
770
775
}
771
776
772
777
PacketBufferHandle clone = PacketBufferHandle::New (originalDataSize, originalReservedSize);