Skip to content

Fix overflow risk in strobeBlinkPin by updating parameter types and loop counter #519

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Fix overflow risk in strobeBlinkPin by updating parameter types and loop counter #519

wants to merge 2 commits into from

Conversation

Chris0xdeadbeef
Copy link

Summary

This PR fixes a potential overflow issue in the strobeBlinkPin function in the Firmata library by changing the types of the parameters and the loop counter to unsigned integer types.

Changes made

  • Updated the count parameter from int to unsigned int to reflect that it cannot be negative.
  • Changed onInterval and offInterval from int to uint32_t to support longer delay durations and prevent negative values.
  • Updated the loop counter type from byte to unsigned int for correct loop iteration when count is greater than 255.
  • Modified the function signature in both .cpp and .h files for consistency.

Why this is important

Previously, using a byte for the loop counter could cause overflow and incorrect behavior when count exceeds 255, potentially leading to infinite loops or premature termination. Similarly, using signed integers for timing parameters could allow negative values, causing unexpected delays.

This fix ensures type safety, correct loop behavior, and better support for longer timing intervals.

Additional notes

  • The order of delays inside the function remains the same (delay before turning LED on), but can be adjusted if desired.
  • No behavioral changes aside from fixing the overflow and type correctness.

Please review and let me know if you'd like to discuss or improve the approach further.

@Chris0xdeadbeef
fix(Firmata.cpp): use unsigned int and uint32_t in strobeBlinkPin to …
d9001b6 
…prevent overflow

Changed the loop counter and interval parameters in strobeBlinkPin to use unsigned integer types
(unsigned int for count and uint32_t for on/off intervals) to avoid overflow and incorrect behavior
when count exceeds 255 or intervals are large.

This fixes potential infinite loops or unexpected delays caused by using byte (uint8_t) types
for variables that can hold larger values.
@Chris0xdeadbeef
fix(Firmata.h): update strobeBlinkPin signature in header to use unsi…
d324e29 
…gned types

Updated the strobeBlinkPin function prototype in the header file to use unsigned int for count
and uint32_t for onInterval and offInterval to match the implementation and prevent overflow issues.

This ensures type consistency and avoids potential bugs caused by signed or too-small integer types
for timing and loop count parameters.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Chris0xdeadbeef