authorRobin Krahl <robin.krahl@ireas.org>2019-02-20 12:31:45 +0000
committerRobin Krahl <robin.krahl@ireas.org>2019-02-20 14:09:40 +0100
commit4b436755d5895cb7113bee135d451cdeb2cf465a (patch)
treee198bfeebefd1e8e1252bd05b049d8c3ec13b5f2
parente0d33dae2f2ab70b936467590284030d759f9db7 (diff)
Assert maximum size for command request and response structs
The request and response structs for a command should not be bigger than the buffer they are read from or written to. Therefore we add assertions that enforce this property at compile time.
-rw-r--r--src/commands.rs6
-rw-r--r--src/device.rs6
-rw-r--r--src/util.rs9
3 files changed, 18 insertions, 3 deletions
diff --git a/src/commands.rs b/src/commands.rs
index 99e049f..66851c1 100644
--- a/src/commands.rs
+++ b/src/commands.rs
@@ -34,6 +34,8 @@ struct GetStatusResponse {
config_delete_user_password: u8,
}
+assert_maximum_size!(GetStatusResponse; GetStatusResponse, crate::device::RESPONSE_DATA_LEN);
+
#[derive(Debug, Default)]
struct GetStatusCommand {}
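Review bot: The size check is opt-in per struct, so a request or response struct added later without its own `assert_maximum_size!` line would compile with no bound at all. `GetStatusResponse` here, and `ReadSlotNameRequest` and `ReadSlotNameResponse` in the next hunk, are covered only because each has a hand-written call. Since the aim is to keep command payloads inside the fixed report buffer, consider attaching the assertion to whatever ties a command to its request and response types; that definition is outside these hunks, so this is something to check rather than a concrete patch. At minimum, a comment above the struct definitions such as `// Every request/response struct below must be followed by assert_maximum_size!` would make the convention visible.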
@@ -53,11 +55,15 @@ struct ReadSlotNameRequest {
internal_slot_number: u8,
}
+assert_maximum_size!(ReadSlotNameRequest; ReadSlotNameRequest, crate::device::REQUEST_DATA_LEN);
+
#[derive(Debug, Default, Serialize)]
struct ReadSlotNameResponse {
slot_name: [u8; 15],
}
+assert_maximum_size!(ReadSlotNameResponse; ReadSlotNameResponse, crate::device::RESPONSE_DATA_LEN);
+
#[derive(Debug, Default)]
struct ReadSlotNameCommand {}
diff --git a/src/device.rs b/src/device.rs
index 8f6f6ef..9f3d1a7 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -15,9 +15,9 @@ use crate::util::TryFrom;
const VID_CLAY_LOGIC: u16 = 0x20a0;
const PID_NITROKEY_PRO: u16 = 0x4108;
-const REPORT_LEN: usize = 64;
-const REQUEST_DATA_LEN: usize = REPORT_LEN - 5;
-const RESPONSE_DATA_LEN: usize = REPORT_LEN - 11;
+pub const REPORT_LEN: usize = 64;
+pub const REQUEST_DATA_LEN: usize = REPORT_LEN - 5;
+pub const RESPONSE_DATA_LEN: usize = REPORT_LEN - 11;
const REPORT_DESCRIPTOR: &[u8] = &[
0x05, 0x01, 0x09, 0x06, 0xA1, 0x01, 0x05, 0x07, 0x19, 0xE0, 0x29, 0xE7, 0x15, 0x00, 0x25, 0x01,
0x75, 0x01, 0x95, 0x08, 0x81, 0x02, 0x95, 0x01, 0x75, 0x08, 0x81, 0x03, 0x95, 0x05, 0x75, 0x01,
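Review bot: The new compile-time assertions are only as correct as `REQUEST_DATA_LEN` and `RESPONSE_DATA_LEN`, and the offsets `5` and `11` subtracted from `REPORT_LEN` are still undocumented magic numbers. A comment on each constant naming the report fields those bytes account for would let a reviewer confirm the bound against the protocol. The constants are also widened to `pub`, although the only new use shown is `crate::device::…` from `commands.rs`. If `device` is not meant to export them, `pub(crate) const REQUEST_DATA_LEN: usize = REPORT_LEN - 5;` (and likewise for the other two) keeps the API surface unchanged. The `REPORT_DESCRIPTOR` array continues past the end of the hunk.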
diff --git a/src/util.rs b/src/util.rs
index c86d047..7b12afb 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -77,6 +77,15 @@ macro_rules! enum_u8 {
};
}
+macro_rules! assert_maximum_size {
+ ($i:ident; $t:ident, $e: expr) => {
+ ::static_assertions::const_assert!(
+ $i;
+ ::core::mem::size_of::<$t>() <= $e
+ );
+ }
+}
+
pub trait TryFrom<T>: Sized {
fn try_from(val: T) -> Result<Self, ()>;
}
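Review bot: `assert_maximum_size!` bounds `::core::mem::size_of::<$t>()`, which is the in-memory layout of the struct, while the commit message is about what is read from or written to the buffer. For the structs that derive `Serialize`, the two agree only if the encoder never emits more bytes than `size_of`, and nothing in this hunk establishes that. The macro should state the assumption in a doc comment: `/// Asserts at compile time that size_of::<$t>() <= $e.` followed by `/// This bounds the in-memory size; it assumes the serialized form is never larger.` Two smaller points: the label `$i` always repeats the type name at the call sites, and `$t:ident` rejects paths or generic types where `$t:ty` would accept them.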