Validation in deserializer (#36)

* Validation in Deserializer

Added validation in CDR deserialization: max buffer length is checked
when deserializing fields and strings are checked for null-terminator
(except for wstrings, which are serialized without null-terminator).

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

* Catch exceptions in serdata functions

In serdata functions rmw_print, rmw_to_sample and rmw_from_sample
catch exceptions so that correct return code is given when functions
are called from ddsi.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

* Improve deserialisation validation

Refactored the deserialisation validation functions so that sequence
length is checked more properly and there is protection against overflows.
Renamed source files for exceptions so that they conform to the ros2 /
google c++ style guide.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
dennis-adlink 2019-09-19 11:56:26 +02:00 committed by eboasson
parent b39efafd62
commit 0e6fd30a8c
11 changed files with 379 additions and 160 deletions

README.md Normal file → Executable file

@ -5,7 +5,7 @@ with [*Eclipse Cyclone DDS*](https://github.com/eclipse-cyclonedds/cyclonedds) a
implementation.
## Getting, building and using it
All it takes to get Cyclone DDS support into ROS2 is to clone this repository into the ROS2 workspace
source directory, and then run colcon build in the usual manner:
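Review bot: README.md changes from a normal file to an executable one in this commit, and nothing in this hunk (-5,7 +5,7, same line count on both sides, in the "Getting, building and using it" section) calls for that. A README should not carry the executable bit, so restore the mode (chmod -x README.md) before merging. If the change in this hunk is whitespace only, consider dropping it from a commit whose message is about deserializer validation.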
@ -34,9 +34,3 @@ There are a number of known limitations:
* Cyclone DDS does not yet implement DDS Security. Consequently, there is no support for security
in this RMW implementation either.
* Deserialization only handles native format (it doesn't do any byte swapping). This is pure
laziness, adding it is trivial.
* Deserialization assumes the input is valid and will do terrible things if it isn't. Again, pure
laziness, it's just adding some bounds checks and other validation code.
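Review bot: the header (-34,9 +34,3) takes six lines out of the known-limitations list, which is more than the two-line "Deserialization assumes the input is valid" item that this commit addresses. If the "Deserialization only handles native format (it doesn't do any byte swapping)" item is removed as well, the commit message should say so, because it describes only buffer-length, null-terminator and sequence-length checks; otherwise that item should stay in the README. It would also help readers to keep a short note here on what is still not validated, for example the wstring case the commit message calls out as serialized without a null-terminator.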