Commit 9ce30b7bdf5d6756046f83e4f0d97da421963002

Con Kolivas 2013-11-22T11:14:21

Zero the read buffer in _usb_read to avoid stale data and only use stack memory instead of using the bulkbuf since it is only used in _usb_read.

diff --git a/usbutils.c b/usbutils.c
index 629e36e..482471f 100644
--- a/usbutils.c
+++ b/usbutils.c
@@ -2516,17 +2516,20 @@ usb_bulk_transfer(struct libusb_device_handle *dev_handle, int intinfo,
 
 int _usb_read(struct cgpu_info *cgpu, int intinfo, int epinfo, char *buf, size_t bufsiz, int *processed, int timeout, const char *end, enum usb_cmds cmd, bool readonce, bool cancellable)
 {
-	struct cg_usb_device *usbdev;
-	bool ftdi;
+	unsigned char *ptr, usbbuf[USB_READ_BUFSIZE];
 	struct timeval read_start, tv_finish;
-	unsigned int initial_timeout;
 	int bufleft, err, got, tot, pstate;
+	const size_t usbbufread = 512; /* Always read full size */
+	struct cg_usb_device *usbdev;
+	unsigned int initial_timeout;
 	bool first = true;
 	int endlen = 0;
-	unsigned char *ptr, *usbbuf = cgpu->usbinfo.bulkbuf;
-	const size_t usbbufread = 512; /* Always read full size */
 	char *eom = NULL;
 	double done;
+	bool ftdi;
+
+	memset(usbbuf, 0, USB_READ_BUFSIZE);
+	memset(buf, 0, bufsiz);
 
 	if (end)
 		endlen = strlen(end);
@@ -2534,7 +2537,6 @@ int _usb_read(struct cgpu_info *cgpu, int intinfo, int epinfo, char *buf, size_t
 	DEVRLOCK(cgpu, pstate);
 
 	if (cgpu->usbinfo.nodev) {
-		*buf = '\0';
 		*processed = 0;
 		USB_REJECT(cgpu, MODE_BULK_READ);
 
@@ -2555,7 +2557,6 @@ int _usb_read(struct cgpu_info *cgpu, int intinfo, int epinfo, char *buf, size_t
 
 	tot = usbdev->bufamt;
 	bufleft = bufsiz - tot;
-	memset(usbbuf, 0, USB_READ_BUFSIZE);
 	if (tot)
 		memcpy(usbbuf, usbdev->buffer, tot);
 	ptr = usbbuf + tot;
@@ -2609,6 +2610,17 @@ int _usb_read(struct cgpu_info *cgpu, int intinfo, int epinfo, char *buf, size_t
 			break;
 	}
 
+	/* If we found the end of message marker, just use that data and
+	 * return success. */
+	if (eom) {
+		size_t eomlen = (void *)eom - (void *)usbbuf + endlen;
+
+		if (eomlen < bufsiz) {
+			bufsiz = eomlen;
+			err = LIBUSB_SUCCESS;
+		}
+	}
+
 	// N.B. usbdev->buffer was emptied before the while() loop
 	if (tot > (int)bufsiz) {
 		usbdev->bufamt = tot - bufsiz;
@@ -2619,13 +2631,7 @@ int _usb_read(struct cgpu_info *cgpu, int intinfo, int epinfo, char *buf, size_t
 			cgpu->drv->name, cgpu->device_id, usbdev->bufamt);
 	}
 
-	/* If we found the end of message marker, just use that data and
-	 * return success. */
-	if (eom) {
-		*processed = (void *)eom - (void *)usbbuf + endlen;
-		err = LIBUSB_SUCCESS;
-	} else
-		*processed = tot;
+	*processed = tot;
 	memcpy((char *)buf, (const char *)usbbuf, (tot < (int)bufsiz) ? tot + 1 : (int)bufsiz);
 
 	if (err && err != LIBUSB_ERROR_TIMEOUT) {
diff --git a/usbutils.h b/usbutils.h
index 65e8874..a663816 100644
--- a/usbutils.h
+++ b/usbutils.h
@@ -183,6 +183,11 @@ enum usb_types {
 };
 
 #define USB_MAX_READ 8192
+/*
+ * We add 4: 1 for null, 2 for FTDI status and 1 to round to 4 bytes
+ * If a single device ever has multiple end points then it will need
+ * multiple of these
+ */
 #define USB_READ_BUFSIZE (USB_MAX_READ + 4)
 
 struct cg_usb_device {
@@ -252,13 +257,6 @@ struct cg_usb_info {
 	uint64_t write_delay_count;
 	double total_write_delay;
 
-	/*
-	 * We add 4: 1 for null, 2 for FTDI status and 1 to round to 4 bytes
-	 * If a single device ever has multiple end points then it will need
-	 * multiple of these
-	 */
-	unsigned char bulkbuf[USB_READ_BUFSIZE];
-
 	uint64_t tmo_count;
 	struct cg_usb_tmo usb_tmo[USB_TMOS];
 };