patch from Stefan Kratochwil <entwicklung@inovel.de> : canfestival-3-fm3_698.patch
Bug:
If an object dictionary entry was requested whose size exceeds
SDO_MAX_LENGTH_TRANSFERT, the memcpy() call at line 139 of objacces.c overwrites
the memory after *pDestData which causes stack corruption.
-> Bugfix:
The bug was corrected by size checking the requested data. An 'Out of
memory' error message will be generated if the requested data exceeds
SDO_MAX_LENGTH_TRANSFERT.
Additional changes:
Added dynamic buffer allocation for the SDO transfer. This feature can be used
if SDO_DYNAMIC_BUFFER_ALLOCATION is defined in config.h. The size of the
dynamically allocated buffer is controlled with
SDO_DYNAMIC_BUFFER_ALLOCATION_SIZE.
-> Note:
This change removes the detection of OD_LENGTH_DATA_INVALID errors!
#ifndef __sysdep_h__
#define __sysdep_h__
#include "config.h"
#ifdef CANOPEN_BIG_ENDIAN
/* Warning: the argument must not update pointers, e.g. *p++ */
#define UNS16_LE(v) ((((UNS16)(v) & 0xff00) >> 8) | \
(((UNS16)(v) & 0x00ff) << 8))
#define UNS32_LE(v) ((((UNS32)(v) & 0xff000000) >> 24) | \
(((UNS32)(v) & 0x00ff0000) >> 8) | \
(((UNS32)(v) & 0x0000ff00) << 8) | \
(((UNS32)(v) & 0x000000ff) << 24))
#else
#define UNS16_LE(v) (v)
#define UNS32_LE(v) (v)
#endif
#endif /* __sysdep_h__ */