feat,wip: safe access to buffer via get()?

openwsn-berkeley · Nov 15, 2023 · 425cdd1 · 425cdd1
1 parent 06e6e1f
commit 425cdd1
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 4 deletions.
diff --git a/consts/src/lib.rs b/consts/src/lib.rs
@@ -154,13 +154,27 @@ impl Default for State<Start> {
     }
 }
 
+pub enum AccessError {
+    OutOfBounds,
+}
+
+impl From<AccessError> for EDHOCError {
+    fn from(error: AccessError) -> Self {
+        match error {
+            AccessError::OutOfBounds => EDHOCError::ParsingError,
+        }
+    }
+}
+
 #[repr(C)]
 #[derive(PartialEq, Debug, Copy, Clone)]
 pub struct EdhocMessageBuffer {
     pub content: [u8; MAX_MESSAGE_SIZE_LEN],
     pub len: usize,
 }
 
+impl EdhocMessageBuffer {}
+
 impl Default for EdhocMessageBuffer {
     fn default() -> Self {
         EdhocMessageBuffer {
@@ -172,6 +186,8 @@ impl Default for EdhocMessageBuffer {
 
 pub trait MessageBufferTrait {
     fn new() -> Self;
+    fn get(self, index: usize) -> Result<u8, AccessError>;
+    fn get_slice<'a>(&'a self, start: usize, len: usize) -> Result<&'a [u8], AccessError>;
     fn from_hex(hex: &str) -> Self;
 }
 
@@ -182,6 +198,23 @@ impl MessageBufferTrait for EdhocMessageBuffer {
             len: 0,
         }
     }
+
+    fn get(self, index: usize) -> Result<u8, AccessError> {
+        if index >= self.len {
+            return Err(AccessError::OutOfBounds);
+        }
+
+        Ok(self.content[index])
+    }
+
+    fn get_slice<'a>(&'a self, start: usize, len: usize) -> Result<&'a [u8], AccessError> {
+        if start > self.len || start > len || len > self.len {
+            return Err(AccessError::OutOfBounds);
+        }
+
+        Ok(&self.content[start..len])
+    }
+
     fn from_hex(hex: &str) -> Self {
         let mut buffer = EdhocMessageBuffer::new();
         buffer.len = hex.len() / 2;

diff --git a/lib/src/edhoc.rs b/lib/src/edhoc.rs
@@ -761,14 +761,14 @@ fn parse_message_2(
     let mut ciphertext_2: BufferCiphertext2 = BufferCiphertext2::new();
 
     // ensure the whole message is a single CBOR sequence
-    if is_cbor_bstr_2bytes_prefix(rcvd_message_2.content[0])
-        && rcvd_message_2.content[1] == (rcvd_message_2.len as u8 - 2)
+    if is_cbor_bstr_2bytes_prefix(rcvd_message_2.get(0)?)
+        && rcvd_message_2.get(1)? == (rcvd_message_2.len as u8 - 2)
     {
-        g_y[..].copy_from_slice(&rcvd_message_2.content[2..2 + P256_ELEM_LEN]);
+        g_y[..].copy_from_slice(rcvd_message_2.get_slice(2, 2 + P256_ELEM_LEN)?);
 
         ciphertext_2.len = rcvd_message_2.len - P256_ELEM_LEN - 2; // len - gy_len - 2
         ciphertext_2.content[..ciphertext_2.len].copy_from_slice(
-            &rcvd_message_2.content[2 + P256_ELEM_LEN..2 + P256_ELEM_LEN + ciphertext_2.len],
+            rcvd_message_2.get_slice(2 + P256_ELEM_LEN, 2 + P256_ELEM_LEN + ciphertext_2.len)?,
         );
 
         Ok((g_y, ciphertext_2))