From 41764e1b5fd84233407f37f1f73713ad9a5a1270 Mon Sep 17 00:00:00 2001 From: Fredrik Orderud Date: Tue, 15 Oct 2024 11:39:19 +0200 Subject: [PATCH] Remove unused and broken HIDPowerDevice_::sendDate method The method currently uses a local bval variable as argument when calling HID().SendReport(...). This is problematic, since the SendReport method doesn't use bval immediately. It instead captures a pointer to bval which is accessed when the report is sent at a later point. This leads to a use-after-free situation when the pointer captured by SendReport no longer point to bval, but some other unknown data. --- src/HIDPowerDevice.cpp | 5 ----- src/HIDPowerDevice.h | 1 - 2 files changed, 6 deletions(-) diff --git a/src/HIDPowerDevice.cpp b/src/HIDPowerDevice.cpp index 4610d5a..580372f 100755 --- a/src/HIDPowerDevice.cpp +++ b/src/HIDPowerDevice.cpp @@ -250,11 +250,6 @@ void HIDPowerDevice_::setSerial(const char* s) { void HIDPowerDevice_::end(void) { } -int HIDPowerDevice_::sendDate(uint16_t id, uint16_t year, uint8_t month, uint8_t day) { - uint16_t bval = (year - 1980)*512 + month * 32 + day; - return HID().SendReport(id, &bval, sizeof (bval)); -} - int HIDPowerDevice_::sendReport(uint16_t id, const void* bval, int len) { return HID().SendReport(id, bval, len); } diff --git a/src/HIDPowerDevice.h b/src/HIDPowerDevice.h index 3b146b9..9e1cc7a 100755 --- a/src/HIDPowerDevice.h +++ b/src/HIDPowerDevice.h @@ -121,7 +121,6 @@ class HIDPowerDevice_ { void end(void); - int sendDate(uint16_t id, uint16_t year, uint8_t month, uint8_t day); int sendReport(uint16_t id, const void* bval, int len); int setFeature(uint16_t id, const void* data, int len);