@@ -515,6 +515,23 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
515
515
// Setting a static upper bound on the maximum buffer size allocation for regular sized messages (not large).
516
516
static_assert (PacketBuffer::kMaxSizeWithoutReserve <= UINT16_MAX, " kMaxSizeWithoutReserve should not exceed UINT16_MAX." );
517
517
518
+ #if INET_CONFIG_ENABLE_TCP_ENDPOINT
519
+ // Setting a static upper bound on the maximum buffer size allocation for
520
+ // large messages.
521
+ #if CHIP_SYSTEM_CONFIG_USE_LWIP
522
+ static_assert (PacketBuffer::kLargeBufMaxSizeWithoutReserve <= UINT16_MAX,
523
+ " In LwIP, max size for Large payload buffers cannot exceed UINT16_MAX!" );
524
+ #else
525
+ static_assert (PacketBuffer::kLargeBufMaxSizeWithoutReserve <= UINT32_MAX,
526
+ " Max size for Large payload buffers cannot exceed UINT32_MAX" );
527
+ #endif // CHIP_SYSTEM_CONFIG_USE_LWIP
528
+
529
+ // Ensure that the definition of the max buffer allocation for regular
530
+ // messages is less than that for large ones.
531
+ static_assert (PacketBuffer::kMaxSizeWithoutReserve < PacketBuffer::kLargeBufMaxSizeWithoutReserve ,
532
+ " Large buffer configuration should be greater than the conventional buffer limit" );
533
+ #endif // INET_CONFIG_ENABLE_TCP_ENDPOINT
534
+
518
535
// Ensure that aAvailableSize is bound within a max and is not big enough to cause overflow during
519
536
// subsequent addition of all the sizes.
520
537
if (aAvailableSize > UINT32_MAX)
@@ -557,7 +574,7 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
557
574
558
575
CHIP_SYSTEM_FAULT_INJECT (FaultInjection::kFault_PacketBufferNew , return PacketBufferHandle ());
559
576
560
- if (lAllocSize > PacketBuffer::kMaxSizeWithoutReserve )
577
+ if (lAllocSize > PacketBuffer::kMaxAllocSize )
561
578
{
562
579
ChipLogError (chipSystemLayer, " PacketBuffer: allocation exceeding buffer capacity limits." );
563
580
return PacketBufferHandle ();
@@ -621,18 +638,15 @@ PacketBufferHandle PacketBufferHandle::New(size_t aAvailableSize, uint16_t aRese
621
638
PacketBufferHandle PacketBufferHandle::NewWithData (const void * aData, size_t aDataSize, size_t aAdditionalSize,
622
639
uint16_t aReservedSize)
623
640
{
624
- if (aDataSize > UINT16_MAX)
625
- {
626
- ChipLogError (chipSystemLayer, " PacketBuffer: allocation too large." );
627
- return PacketBufferHandle ();
628
- }
629
641
// Since `aDataSize` fits in uint16_t, the sum `aDataSize + aAdditionalSize` will not overflow.
630
642
// `New()` will only return a non-null buffer if the total allocation size does not overflow.
631
643
PacketBufferHandle buffer = New (aDataSize + aAdditionalSize, aReservedSize);
632
644
if (buffer.mBuffer != nullptr )
633
645
{
634
646
memcpy (buffer.mBuffer ->payload , aData, aDataSize);
635
647
#if CHIP_SYSTEM_CONFIG_USE_LWIP
648
+ // The VerifyOrDie() in the New() call catches buffer allocations greater
649
+ // than UINT16_MAX for LwIP based platforms.
636
650
buffer.mBuffer ->len = buffer.mBuffer ->tot_len = static_cast <uint16_t >(aDataSize);
637
651
#else
638
652
buffer.mBuffer ->len = buffer.mBuffer ->tot_len = aDataSize;
@@ -755,18 +769,20 @@ PacketBufferHandle PacketBufferHandle::CloneData() const
755
769
size_t originalDataSize = original->MaxDataLength ();
756
770
uint16_t originalReservedSize = original->ReservedSize ();
757
771
758
- if (originalDataSize + originalReservedSize > PacketBuffer::kMaxSizeWithoutReserve )
772
+ uint32_t maxSize = PacketBuffer::kMaxAllocSize ;
773
+
774
+ if (originalDataSize + originalReservedSize > maxSize)
759
775
{
760
776
// The original memory allocation may have provided a larger block than requested (e.g. when using a shared pool),
761
777
// and in particular may have provided a larger block than we are able to request from PackBufferHandle::New().
762
778
// It is a genuine error if that extra space has been used.
763
- if (originalReservedSize + original->DataLength () > PacketBuffer:: kMaxSizeWithoutReserve )
779
+ if (originalReservedSize + original->DataLength () > maxSize )
764
780
{
765
781
return PacketBufferHandle ();
766
782
}
767
783
// Otherwise, reduce the requested data size. This subtraction can not underflow because the above test
768
- // guarantees originalReservedSize <= PacketBuffer::kMaxSizeWithoutReserve .
769
- originalDataSize = PacketBuffer:: kMaxSizeWithoutReserve - originalReservedSize;
784
+ // guarantees originalReservedSize <= maxSize .
785
+ originalDataSize = maxSize - originalReservedSize;
770
786
}
771
787
772
788
PacketBufferHandle clone = PacketBufferHandle::New (originalDataSize, originalReservedSize);
0 commit comments