github.com/UtilitechAS.amsreader-firmware
1
0
Fork 0
mirror of https://github.com/UtilitechAS/amsreader-firmware.git synced 2026-04-09 23:18:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix uninitialized loop variable in GcmParser causing undefined behavior (#1163)

Browse Source 
In GcmParser::parse(), the authentication check loop used an uninitialized
loop counter: `for(uint8_t i; i < 16; i++)`. This is undefined behavior in
C++ because `i` has an indeterminate value, potentially causing the
authentication check to be skipped entirely or to read out-of-bounds memory.

Fix: initialize `i` to 0 so the loop correctly iterates all 16 bytes of
the authentication key.

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mads Fox
2026-04-09 09:51:27 +02:00
committed by GitHub
parent f0c3873635
commit 6011d3169e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/AmsDecoder/src/GcmParser.cpp
View File

@@ -96,7 +96,7 @@ int8_t GCMParser::parse(uint8_t *d, DataParserContext &ctx, bool hastag) {
footersize += authkeylen;
memcpy(additional_authenticated_data + 1, authentication_key, 16);
memcpy(authentication_tag, ptr + len - footersize - 5, authkeylen);
for(uint8_t i; i < 16; i++) authenticate |= authentication_key[i] > 0;
for(uint8_t i = 0; i < 16; i++) authenticate |= authentication_key[i] > 0;
}
#if defined(ESP8266)