From c78b4f699da218465e013693a235dc1b108af8fb Mon Sep 17 00:00:00 2001 From: Matthias Ringwald Date: Sat, 20 Nov 2021 20:34:09 +0100 Subject: [PATCH] btstack_posix_tlv: use max value size of 2048, assert if size is larger in store --- CHANGELOG.md | 1 + platform/posix/btstack_tlv_posix.c | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a2d446185..ff9f5191c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -66,6 +66,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - *btstack_run_loop_execute_on_main_thread*: schedule code execution on main thread from other thread - *btstack_run_loop_trigger_exit*: trigger run loop exit - POSIX / Windows / Raspi / Qt: use updated ctrl-c handling +- POSIX TLV: use max value size of 2048, assert if size is larger in store ## Release v1.4.1 diff --git a/platform/posix/btstack_tlv_posix.c b/platform/posix/btstack_tlv_posix.c index 213d13f84..069af6d1e 100644 --- a/platform/posix/btstack_tlv_posix.c +++ b/platform/posix/btstack_tlv_posix.c @@ -54,6 +54,9 @@ // - Value: Len in bytes #define BTSTACK_TLV_HEADER_LEN 8 + +#define MAX_TLV_VALUE_SIZE 2048 + static const char * btstack_tlv_header_magic = "BTstack"; #define DUMMY_SIZE 4 @@ -141,6 +144,9 @@ static int btstack_tlv_posix_get_tag(void * context, uint32_t tag, uint8_t * buf static int btstack_tlv_posix_store_tag(void * context, uint32_t tag, const uint8_t * data, uint32_t data_size){ btstack_tlv_posix_t * self = (btstack_tlv_posix_t *) context; + // enforce arbitrary max value size + btstack_assert(data_size <= MAX_TLV_VALUE_SIZE); + // remove old entry tlv_entry_t * old_entry = btstack_tlv_posix_find_entry(self, tag); if (old_entry){ 
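Review bot: `MAX_TLV_VALUE_SIZE` is added without a comment saying what it bounds or in which unit, and without the `BTSTACK_TLV_` prefix that its neighbour `BTSTACK_TLV_HEADER_LEN` carries. The same constant now limits both what store_tag accepts and what read_db will load, so that coupling deserves a line above the define, such as `// max length in bytes of a single TLV value, checked on store and when reading the db file`. The header-format comment just above it (`// - Value: Len in bytes`) is another natural place to mention the cap.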
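Review bot: The size limit in `btstack_tlv_posix_store_tag` is enforced only by `btstack_assert`, so what happens to an oversized value depends on how assertions are configured in the build. If the assert is compiled out, a value above 2048 bytes is presumably still written to the db file, and on the next load the `len > MAX_TLV_VALUE_SIZE` check in read_db breaks out at that entry, so it and every entry after it are not loaded. If the assert is active, an oversized request aborts the process instead of failing the call. The function already returns `int`, so an explicit check such as `if (data_size > MAX_TLV_VALUE_SIZE) return -1;` would keep the on-disk file loadable in both configurations; use whatever error value the other failure paths return, which are not visible here. The function body continues past the end of the hunk.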
@@ -193,8 +199,8 @@ static int btstack_tlv_posix_read_db(btstack_tlv_posix_t * self){ uint32_t tag = big_endian_read_32(entry, 0); uint32_t len = big_endian_read_32(entry, 4); - // arbitrary safety check: values < 1000 bytes each - if (len > 1000) break; + // arbitrary safety check: values <= MAX_TLV_VALUE_SIZE + if (len > MAX_TLV_VALUE_SIZE) break; // create new entry for regular tag tlv_entry_t * new_entry = NULL;
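Review bot: When `len` exceeds the limit, the loop in `btstack_tlv_posix_read_db` exits with a bare `break`, so a corrupt or tampered db file silently loses that entry and everything stored after it. A log line before the break would make the truncation visible to whoever investigates missing stored values, e.g. `log_error("tlv: entry len %u > MAX_TLV_VALUE_SIZE, stop reading db", (unsigned) len);`, assuming the project's usual logging macro is available in this file. The comment could state the consequence as well: `// len above MAX_TLV_VALUE_SIZE: treat file as corrupt, remaining entries are not loaded`. The loop and the rest of the function are outside the hunk, so whether later stores then append after the unread tail cannot be judged from here.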