Overflow detection, span-based signatures, flatten control flow

This commit is contained in:
Ian Gulliver
2026-04-10 23:02:07 +09:00
parent 8408603390
commit 76c519c17a
7 changed files with 67 additions and 56 deletions


@@ -31,7 +31,7 @@ void dispatch_schedule_ms(uint32_t ms, std::function<void()> fn) {
static static_vector<uint8_t, 256> usb_rx_buf;
static std::array<uint8_t, 1514> tx_buf;
net_set_handler([&](std::span<const uint8_t> payload, span_writer &out) -> size_t {
net_set_handler([&](std::span<const uint8_t> payload, span_writer &out) -> msgpack::result<size_t> {
auto msg = try_decode(payload.data(), payload.size());
if (!msg) return 0;
auto it = handler_map.find(msg->type_id);
@@ -62,20 +62,19 @@ void dispatch_schedule_ms(uint32_t ms, std::function<void()> fn) {
usb_rx_buf.clear();
auto it = handler_map.find(msg->type_id);
if (it != handler_map.end()) {
span_writer out(tx_buf);
size_t resp_len = it->second(msg->message_id, msg->payload, out);
if (resp_len > 0) {
if (resp_len > usb.tx.free()) {
span_writer err_out(tx_buf);
size_t err_len = encode_response_into(err_out, msg->message_id,
DeviceError{2, "response too large: " + std::to_string(resp_len)});
usb.send(std::span<const uint8_t>{tx_buf.data(), err_len});
} else {
usb.send(std::span<const uint8_t>{tx_buf.data(), resp_len});
}
}
if (it == handler_map.end()) continue;
span_writer out(tx_buf);
auto resp = it->second(msg->message_id, msg->payload, out);
if (!resp || *resp == 0) continue;
size_t resp_len = *resp;
if (resp_len <= usb.tx.free()) {
usb.send(std::span<const uint8_t>{tx_buf.data(), resp_len});
continue;
}
span_writer err_out(tx_buf);
auto err = encode_response_into(err_out, msg->message_id,
DeviceError{2, "response too large: " + std::to_string(resp_len)});
if (err) usb.send(std::span<const uint8_t>{tx_buf.data(), *err});
}
__wfi();
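Review bot: The `if (!resp || *resp == 0) continue;` branch silently discards a handler whose response failed to encode — unlike the too-large case a few lines below, the host gets neither a reply nor a `DeviceError`, so a failed encode is indistinguishable from "no response" and leaves nothing to diagnose. Consider splitting the two cases, e.g. `if (!resp) { /* TODO: report encode failure to host as a DeviceError */ continue; }` followed by `if (*resp == 0) continue;`, so the failure path at least gets its own branch to instrument. The same applies to `if (err) usb.send(...)`, where a failed encode of the error response also vanishes without a trace. The enclosing loop and function begin outside the hunk.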


@@ -106,23 +106,25 @@ static bool ip_match_or_broadcast(const ip4_addr& dst) {
return ip_match(dst) || dst == IP_BROADCAST_ALL || dst == IP_BROADCAST_SUBNET;
}
static void send_raw(const void* data, size_t len) {
static void send_raw(std::span<const uint8_t> data) {
dlog_if_slow("send_raw", 1000, [&]{
w6300::send(raw_socket, std::span<const uint8_t>{static_cast<const uint8_t*>(data), len});
w6300::send(raw_socket, data);
});
}
static void handle_arp(const uint8_t* frame, size_t len) {
if (len < sizeof(arp_packet)) return;
auto& pkt = *reinterpret_cast<const arp_packet*>(frame);
static void handle_arp(std::span<const uint8_t> frame, span_writer &tx) {
if (frame.size() < sizeof(arp_packet)) return;
auto& pkt = *reinterpret_cast<const arp_packet*>(frame.data());
if (pkt.htype != ARP_HTYPE_ETH) return;
if (pkt.ptype != ARP_PTYPE_IPV4) return;
if (pkt.hlen != 6 || pkt.plen != 4) return;
if (pkt.oper != ARP_OP_REQUEST) return;
if (!ip_match(pkt.tpa)) return;
if (sizeof(arp_packet) > tx.capacity()) return;
arp_packet reply = {};
auto& reply = *reinterpret_cast<arp_packet*>(tx.data());
reply = {};
reply.eth.dst = pkt.eth.src;
reply.eth.src = state.mac;
reply.eth.ethertype = ETH_ARP;
@@ -136,12 +138,12 @@ static void handle_arp(const uint8_t* frame, size_t len) {
reply.tha = pkt.sha;
reply.tpa = pkt.spa;
send_raw(&reply, sizeof(reply));
send_raw({tx.data(), sizeof(arp_packet)});
}
static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
if (len < sizeof(udp_header)) return;
auto& pkt = *reinterpret_cast<const udp_header*>(frame);
static void handle_udp(std::span<const uint8_t> frame, span_writer &tx) {
if (frame.size() < sizeof(udp_header)) return;
auto& pkt = *reinterpret_cast<const udp_header*>(frame.data());
if (pkt.dst_port != PICOMAP_PORT) return;
if (!ip_match_or_broadcast(pkt.ip.dst)) return;
@@ -151,12 +153,12 @@ static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
if (udp_len < 8) return;
if (sizeof(eth_header) + pkt.ip.ip_total_len() < sizeof(udp_header) + udp_len - 8) return;
auto* payload = frame + sizeof(udp_header);
size_t payload_len = udp_len - 8;
auto resp = tx.subspan(sizeof(udp_header));
size_t resp_len = msg_handler(std::span<const uint8_t>{payload, payload_len}, resp);
if (resp_len == 0) return;
auto result = msg_handler(frame.subspan(sizeof(udp_header), payload_len), resp);
if (!result || *result == 0) return;
size_t resp_len = *result;
size_t ip_total = 20 + 8 + resp_len;
size_t reply_len = sizeof(eth_header) + ip_total;
@@ -183,19 +185,19 @@ static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
rudp.length = __builtin_bswap16(8 + resp_len);
rudp.checksum = 0;
send_raw(tx.data(), reply_len);
send_raw({tx.data(), reply_len});
}
static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
auto& ip = *reinterpret_cast<const ipv4_header*>(frame);
static void handle_icmp(std::span<const uint8_t> frame, span_writer &tx) {
auto& ip = *reinterpret_cast<const ipv4_header*>(frame.data());
size_t ip_hdr_len = ip.ip_header_len();
size_t ip_total = ip.ip_total_len();
if (sizeof(eth_header) + ip_total > len) return;
if (sizeof(eth_header) + ip_total > frame.size()) return;
if (ip.protocol != 1) return;
if (!ip_match_or_broadcast(ip.dst)) return;
auto& icmp = *reinterpret_cast<const icmp_echo*>(frame + sizeof(eth_header) + ip_hdr_len);
auto& icmp = *reinterpret_cast<const icmp_echo*>(frame.data() + sizeof(eth_header) + ip_hdr_len);
size_t icmp_len = ip_total - ip_hdr_len;
if (icmp_len < sizeof(icmp_echo)) return;
if (icmp.type != 8) return;
@@ -203,7 +205,7 @@ static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
size_t reply_len = sizeof(eth_header) + ip_total;
if (reply_len > tx.capacity()) return;
memcpy(tx.data(), frame, reply_len);
memcpy(tx.data(), frame.data(), reply_len);
auto& rip = *reinterpret_cast<ipv4_header*>(tx.data());
rip.eth.dst = ip.eth.src;
rip.eth.src = state.mac;
@@ -218,36 +220,36 @@ static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
ricmp.checksum = 0;
ricmp.checksum = ip_checksum(&ricmp, icmp_len);
send_raw(tx.data(), reply_len);
send_raw({tx.data(), reply_len});
}
static void handle_ipv4(const uint8_t* frame, size_t len, span_writer &tx) {
if (len < sizeof(ipv4_header)) return;
auto& ip = *reinterpret_cast<const ipv4_header*>(frame);
static void handle_ipv4(std::span<const uint8_t> frame, span_writer &tx) {
if (frame.size() < sizeof(ipv4_header)) return;
auto& ip = *reinterpret_cast<const ipv4_header*>(frame.data());
if ((ip.ver_ihl >> 4) != 4) return;
switch (ip.protocol) {
case 1:
handle_icmp(frame, len, tx);
handle_icmp(frame, tx);
break;
case 17:
handle_udp(frame, len, tx);
handle_udp(frame, tx);
break;
}
}
static void process_frame(const uint8_t* frame, size_t len, span_writer &tx) {
if (len < sizeof(eth_header)) return;
auto& eth = *reinterpret_cast<const eth_header*>(frame);
static void process_frame(std::span<const uint8_t> frame, span_writer &tx) {
if (frame.size() < sizeof(eth_header)) return;
auto& eth = *reinterpret_cast<const eth_header*>(frame.data());
if (!mac_match(eth.dst)) return;
switch (eth.ethertype) {
case ETH_ARP:
handle_arp(frame, len);
handle_arp(frame, tx);
break;
case ETH_IPV4:
handle_ipv4(frame, len, tx);
handle_ipv4(frame, tx);
break;
}
}
@@ -295,6 +297,6 @@ void net_poll(std::span<uint8_t> tx) {
auto result = w6300::recv(raw_socket, std::span{rx_buf});
if (!result) break;
span_writer tx_writer(tx);
process_frame(rx_buf, *result, tx_writer);
process_frame({rx_buf, *result}, tx_writer);
}
}
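Review bot: In handle_icmp, `size_t icmp_len = ip_total - ip_hdr_len;` wraps when a frame's IHL field exceeds its total-length field, because `ip_hdr_len` comes straight from `ip.ip_header_len()` and is never bounded: the wrapped `icmp_len` sails past `if (icmp_len < sizeof(icmp_echo)) return;` and later reaches `ip_checksum(&ricmp, icmp_len)`, which presumably sums `icmp_len` bytes and would read far beyond `tx`. Add `if (ip_hdr_len < 20 || ip_hdr_len > ip_total) return;` right after `size_t ip_total = ip.ip_total_len();`, before `icmp_len` is computed (20 being the minimum IPv4 header length), so both the `icmp` reference and the checksum length are anchored inside the validated `ip_total`. handle_udp's `frame.subspan(sizeof(udp_header), payload_len)` has a related precondition — `payload_len` must fit inside `frame` — which the visible comparison against `pkt.ip.ip_total_len()` only guarantees if the lines hidden between the hunks also bound `ip_total_len()` by `frame.size()`; worth confirming. handle_icmp starts in the `@@ -183` hunk and continues through the next two.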