diff options
| -rw-r--r-- | pb_encode.c | 3 | ||||
| -rw-r--r-- | tests/encode_unittests/encode_unittests.c | 14 |
2 files changed, 17 insertions, 0 deletions
diff --git a/pb_encode.c b/pb_encode.c index d6ba7e34..4aced3cb 100644 --- a/pb_encode.c +++ b/pb_encode.c @@ -94,6 +94,9 @@ static bool checkreturn encode_array(pb_ostream_t *stream, const pb_field_t *fie if (count == 0) return true; + + if (count > field->array_size) + PB_RETURN_ERROR(stream, "array max size exceeded"); /* We always pack arrays if the datatype allows it. */ if (PB_LTYPE(field->type) <= PB_LTYPE_LAST_PACKABLE) diff --git a/tests/encode_unittests/encode_unittests.c b/tests/encode_unittests/encode_unittests.c index 32a37bf1..14bc62ee 100644 --- a/tests/encode_unittests/encode_unittests.c +++ b/tests/encode_unittests/encode_unittests.c @@ -224,6 +224,20 @@ int main() } { + uint8_t buffer[50]; + pb_ostream_t s; + FloatArray msg = {1, {99.0f}}; + + COMMENT("Test array size limit in pb_encode") + + s = pb_ostream_from_buffer(buffer, sizeof(buffer)); + TEST((msg.data_count = 10) && pb_encode(&s, FloatArray_fields, &msg)) + + s = pb_ostream_from_buffer(buffer, sizeof(buffer)); + TEST((msg.data_count = 11) && !pb_encode(&s, FloatArray_fields, &msg)) + } + + { uint8_t buffer[10]; pb_ostream_t s; CallbackArray msg; |