From 5151e8524cf0e095b1fd15cca58edc033900e215 Mon Sep 17 00:00:00 2001
From: Simon Frei <simon-frei@hotmail.com>
Date: Fri, 21 Oct 2022 16:52:28 +0200
Subject: [PATCH] validate string in Int32ArrayToStringForSF

---
 ADIS_tinyK22_SplitFlap/source/application.c | 12 +++++++-----
 ADIS_tinyK22_SplitFlap/source/shell.c       |  9 ++++++++-
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/ADIS_tinyK22_SplitFlap/source/application.c b/ADIS_tinyK22_SplitFlap/source/application.c
index 9cbf1e5..d18d4da 100644
--- a/ADIS_tinyK22_SplitFlap/source/application.c
+++ b/ADIS_tinyK22_SplitFlap/source/application.c
@@ -86,11 +86,13 @@ static void App_Task(void* pv){
 				break;
 				case Shell_Display_String_SF:
 					sentence = (char*)calloc(cmd.numberOfParams,sizeof(char));
-					SHELL_Int32ArrayToStringForSF(cmd.params, cmd.numberOfParams, sentence);
-					McuLog_info("Sentence parsed");
-					MultiSplitFlap_Display(sentence);
-					free(sentence);
-					vTaskDelay(pdMS_TO_TICKS(2000));
+					if(SHELL_Int32ArrayToStringForSF(cmd.params, cmd.numberOfParams, sentence) == ERR_OK){
+						McuLog_info("Sentence parsed");
+						MultiSplitFlap_Display(sentence);
+						free(sentence);
+					}else{
+						McuLog_error("Invalid String to Display");
+					}
 					break;
 				case Shell_Powerof_rpi:
 				default:
diff --git a/ADIS_tinyK22_SplitFlap/source/shell.c b/ADIS_tinyK22_SplitFlap/source/shell.c
index ef66323..693c320 100644
--- a/ADIS_tinyK22_SplitFlap/source/shell.c
+++ b/ADIS_tinyK22_SplitFlap/source/shell.c
@@ -111,7 +111,7 @@ uint8_t SHELL_stringToInt32ArrayForSFCMD(const unsigned char **str, int32_t* res
 			*res = (int32_t)c;
 			res++;
 		} else{
-			return ERR_FAILED;
+			return ERR_RANGE;
 		}
 		c = *(++(*str));
 	}
@@ -120,7 +120,14 @@ uint8_t SHELL_stringToInt32ArrayForSFCMD(const unsigned char **str, int32_t* res
 
 uint8_t SHELL_Int32ArrayToStringForSF(int32_t* intArray, int8_t size, char *str){
 	for(uint8_t i = 0; i < size; i++){
+		if(intArray[i] > 127 || intArray[i] < 0){
+			return ERR_RANGE;
+		}
 		*str = (char)intArray[i];
+		if(!((*str <= '9' && *str >= '0') || (*str >= 'A' && *str <= 'Z') ||
+				*str == '!' || *str == '?' || *str == ':' || *str == ' ')){
+			return ERR_RANGE;
+		}
 		str++;
 	}
 	return ERR_OK;