bindesc: Add maximum data size and assertion

yonsch · nashif · commit fd68fc486cdc · 2024-10-11T13:20:49.000-04:00
Add a Kconfig symbol to limit the maximum size of a descriptor's
data, enforced by a build assertion.

Signed-off-by: Yonatan Schachter &lt;yonatan.schachter@gmail.com&gt;
diff --git a/include/zephyr/bindesc.h b/include/zephyr/bindesc.h
@@ -171,12 +171,15 @@ extern "C" {
  * @param id Unique ID of the descriptor
  * @param value A string value for the descriptor
  */
-#define BINDESC_STR_DEFINE(name, id, value)	\
-	__BINDESC_ENTRY_DEFINE(name) = {	\
-		.tag = BINDESC_TAG(STR, id),	\
-		.len = (uint16_t)sizeof(value),	\
-		.data = value,			\
-	}
+#define BINDESC_STR_DEFINE(name, id, value)							\
+	__BINDESC_ENTRY_DEFINE(name) = {							\
+		.tag = BINDESC_TAG(STR, id),							\
+		.len = (uint16_t)sizeof(value),							\
+		.data = value,									\
+	};											\
+	BUILD_ASSERT(sizeof(value) <= CONFIG_BINDESC_DEFINE_MAX_DATA_SIZE,			\
+		     "Bindesc " STRINGIFY(name) " exceeded maximum size, consider reducing the"	\
+		     " size or changing CONFIG_BINDESC_DEFINE_MAX_DATA_SIZE. ")
 
 /**
  * @brief Define a binary descriptor of type uint.
@@ -217,12 +220,16 @@ extern "C" {
  * @param id Unique ID of the descriptor
  * @param value A uint8_t array as data for the descriptor
  */
-#define BINDESC_BYTES_DEFINE(name, id, value)				\
-	__BINDESC_ENTRY_DEFINE(name) = {				\
-		.tag = BINDESC_TAG(BYTES, id),				\
-		.len = (uint16_t)sizeof((uint8_t [])__DEBRACKET value),	\
-		.data = __DEBRACKET value,				\
-	}
+#define BINDESC_BYTES_DEFINE(name, id, value)							\
+	__BINDESC_ENTRY_DEFINE(name) = {							\
+		.tag = BINDESC_TAG(BYTES, id),							\
+		.len = (uint16_t)sizeof((uint8_t [])__DEBRACKET value),				\
+		.data = __DEBRACKET value,							\
+	};											\
+	BUILD_ASSERT(sizeof((uint8_t [])__DEBRACKET value) <=					\
+		     CONFIG_BINDESC_DEFINE_MAX_DATA_SIZE,					\
+		     "Bindesc " STRINGIFY(name) " exceeded maximum size, consider reducing the"	\
+		     " size or changing CONFIG_BINDESC_DEFINE_MAX_DATA_SIZE. ")
 
 /**
  * @brief Get the value of a string binary descriptor
diff --git a/subsys/bindesc/Kconfig b/subsys/bindesc/Kconfig
@@ -20,6 +20,15 @@ source "subsys/bindesc/Kconfig.version"
 source "subsys/bindesc/Kconfig.build_time"
 source "subsys/bindesc/Kconfig.host_info"
 
+config BINDESC_DEFINE_MAX_DATA_SIZE
+	int "Bindesc max data size"
+	range 4 $(UINT16_MAX)
+	default 128
+	help
+	  Determines the maximum size of a binary descriptor's data. The theoretical
+	  limit to this value is the maximum value of a uint16_t (65535), in practice
+	  it's recommened to keep this value much smaller for easier handling of the data.
+
 endif # BINDESC_DEFINE
 
 endif # BINDESC
