I see suspicious code regarding the global bulk_chunklen, the local bulk_chunklen, and bcdusb used as an param and local. Can you explain more about the intention -or- review these locations to see if the code is correct?
bulk_chunklen
there is a global bulk_chunklen that has no atomic/mutex protecting it.
|
static unsigned int bulk_chunklen = DEFAULT_CHUNKSZ; |
It is assigned only one place in the codebase. Within usb_open_device(). It is never read. It has no reason to exist.
This global bulk_chunklen is set to a value during the open of a specific device yet libusb can open devices in parallel.
Technically, if something read this var (which nothing does) then the var changes as different devices with different chunks are opened in parallel.
|
bulk_chunklen = ifdesc->endpoint[i].wMaxPacketSize; |
Then there is a local bulk_chunklen which hides the global with the same name. What is the relationship between the local and global vars with the same name?
|
int bulk_chunklen = DEFAULT_CHUNKSZ; |
|
twb = 0; |
|
p = const_cast<uint8_t*>((const uint8_t*)tx_buf); |
|
int send_zlp = ((filesize % 512) == 0); |
|
|
|
if(bcdusb < 0x200) { |
|
bulk_chunklen = USB1_CHUNKSZ; |
|
} |
|
|
|
auto t1 = steady_clock::now(); |
|
mvLog(MVLOG_DEBUG, "Performing bulk write of %u bytes...", filesize); |
|
while(((unsigned)twb < filesize) || send_zlp) |
|
{ |
|
wb = filesize - twb; |
|
if(wb > bulk_chunklen) |
|
wb = bulk_chunklen; |
bcdusb
bcdusb starts as a local var in usb_boot(). It is an UINT16_T set to the value -1. This is suspicious signed/unsigned.
It is never set or changed again. This is suspicious as it should therefore be a const/macro.
This local bcdusb is passed as a param to send_file()
|
rc = send_file(h, endpoint, mvcmd, size, bcdusb); |
in send_file() this bcdusb param is compared against hex 0x200 aka 512 decimal. This is suspicious since it will always be false because -1 stored in that uint16_t is (uint16_t)65535U ==> 65535 < 512 = false
I see suspicious code regarding the global
bulk_chunklen, the localbulk_chunklen, andbcdusbused as an param and local. Can you explain more about the intention -or- review these locations to see if the code is correct?bulk_chunklen
there is a global
bulk_chunklenthat has no atomic/mutex protecting it.XLink/src/pc/protocols/usb_host.cpp
Line 42 in 457b23f
It is assigned only one place in the codebase. Within
usb_open_device(). It is never read. It has no reason to exist.This global
bulk_chunklenis set to a value during the open of a specific device yet libusb can open devices in parallel.Technically, if something read this var (which nothing does) then the var changes as different devices with different chunks are opened in parallel.
XLink/src/pc/protocols/usb_host.cpp
Line 555 in 457b23f
Then there is a local
bulk_chunklenwhich hides the global with the same name. What is the relationship between the local and global vars with the same name?XLink/src/pc/protocols/usb_host.cpp
Lines 573 to 588 in 457b23f
bcdusb
bcdusbstarts as a local var inusb_boot(). It is an UINT16_T set to the value-1. This is suspicious signed/unsigned.It is never set or changed again. This is suspicious as it should therefore be a const/macro.
XLink/src/pc/protocols/usb_host.cpp
Line 626 in 457b23f
This local
bcdusbis passed as a param tosend_file()XLink/src/pc/protocols/usb_host.cpp
Line 651 in 457b23f
in
send_file()thisbcdusbparam is compared against hex 0x200 aka 512 decimal. This is suspicious since it will always be false because -1 stored in that uint16_t is(uint16_t)65535U==>65535 < 512 = falseXLink/src/pc/protocols/usb_host.cpp
Line 578 in 457b23f