authorPetteri Aimonen <jpa@git.mail.kapsi.fi>2012-01-12 19:08:05 +0200
committerPetteri Aimonen <jpa@git.mail.kapsi.fi>2012-01-12 19:08:05 +0200
commit113bd7ee878ac2284c8c049fdb8dc2d2bd19f016 (patch)
treef38c617e54d763cee506c3314168bfb96a958f22 /pb_decode.c
parent0f6b615ae3395734ee9a1b35185540acad18c452 (diff)
Fixed issue 1 reported by Erik Rosen:
The size of non-callback bytes-fields was miscalculated, which caused all following fields in a message to contain garbage. Previous commit contains a testcase for this. This fix changes the generated message description. If your protocol uses bytes-fields, you should regenerate *.pb.c.
Diffstat (limited to 'pb_decode.c')
-rw-r--r--pb_decode.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/pb_decode.c b/pb_decode.c
index 3992ab86..1e2fea0a 100644
--- a/pb_decode.c
+++ b/pb_decode.c
@@ -509,7 +509,8 @@ bool checkreturn pb_dec_bytes(pb_istream_t *stream, const pb_field_t *field, voi
return false;
x->size = temp;
- if (x->size > field->data_size)
+ /* Check length, noting the space taken by the size_t header. */
+ if (x->size > field->data_size - offsetof(pb_bytes_array_t, bytes))
return false;
return pb_read(stream, x->bytes, x->size);
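Review bot: The new bound in pb_dec_bytes subtracts before it compares, so if `field->data_size` is ever smaller than `offsetof(pb_bytes_array_t, bytes)` the subtraction wraps (assuming data_size is unsigned, which the hunk does not show) and every length passes, letting pb_read write past the field. The same shape is in the second hunk's `size > field->data_size - 1` in pb_dec_string, which wraps for a data_size of 0. Since the commit message says descriptors must be regenerated, a decoder paired with a stale or hand-written descriptor is plausible, so I would guard the subtraction: `if (field->data_size < offsetof(pb_bytes_array_t, bytes) || temp > field->data_size - offsetof(pb_bytes_array_t, bytes)) return false;`. I would also move `x->size = temp;` below that check, so a rejected stream-supplied length is never left in the output struct and the comparison is made on the decoded value rather than on one possibly narrowed by the assignment. Both function bodies begin and end outside their hunks, so the declarations of `temp` and `size` are not visible here.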
@@ -522,6 +523,7 @@ bool checkreturn pb_dec_string(pb_istream_t *stream, const pb_field_t *field, vo
if (!pb_decode_varint32(stream, &size))
return false;
+ /* Check length, noting the null terminator */
if (size > field->data_size - 1)
return false;