From 1daacdf61ddc83214cc60839068cfc3e3306c7aa Mon Sep 17 00:00:00 2001
From: Nenad Kljajic <nkljajic@control4.com>
Date: Tue, 13 Feb 2024 10:59:38 +0100
Subject: [PATCH] GH-26: Fix infinite loop on invalid next configuration
 parameter.

When 'Parameter Number' and 'Next Parameter Number' are equal,
configuration parameter discovery can not complete.
For example, this Z-Wave frame will set Node Interview into an infinite loop:

70 : COMMAND_CLASS_CONFIGURATION
0F : CONFIGURATION_PROPERTIES_REPORT_V4
00 : Parameter Number 1 (MSB)
71 : Parameter Number 2 (LSB)
09 : Format 0x01 Unsigned Integer, size 0x1
01 : Min Value
64 : Max Value
0A : Default Value
00 : Next Parameter Number (MSB)
71 : Next Parameter Number (LSB)
02 : No Bulk support 0x1, Not Advanced Parameter 0x0

Signed-off-by: Nenad Kljajic <nkljajic@control4.com>
---
 .../src/zwave_command_class_configuration_control.c  | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/applications/zpc/components/zwave_command_classes/src/zwave_command_class_configuration_control.c b/applications/zpc/components/zwave_command_classes/src/zwave_command_class_configuration_control.c
index 53aeab56c0..9ec3f91465 100644
--- a/applications/zpc/components/zwave_command_classes/src/zwave_command_class_configuration_control.c
+++ b/applications/zpc/components/zwave_command_classes/src/zwave_command_class_configuration_control.c
@@ -723,6 +723,16 @@ static sl_status_t
   if (frame_length >= (current_index + 2)) {
     next_id = (configuration_parameter_id_t)((frame[current_index] << 8)
                                              | frame[current_index + 1]);
+    if (next_id == parameter_id) {
+      sl_log_debug(LOG_TAG,
+                   "NodeID %d:%d reports that next parameter number %d"
+                   "equals the current one %d, ignoring.",
+                   info->remote.node_id,
+                   info->remote.endpoint_id,
+                   next_id,
+                   parameter_id);
+      next_id = 0;
+    }
     // Indicate the next parameter to search for:
     attribute_store_set_desired(next_id_node, &next_id, sizeof(next_id));
     // Set the reported, then undefine it so the resolver tries a new get immediately.
@@ -1616,4 +1626,4 @@ sl_status_t zwave_command_class_configuration_init()
   zwave_command_handler_register_handler(handler);
 
   return SL_STATUS_OK;
-}
\ No newline at end of file
+}