From 929884dfce37e6bc5cf0f3a26d7fd9c73bd5c5a1 Mon Sep 17 00:00:00 2001 From: Olliver Schinagl Date: Wed, 14 Aug 2024 10:20:42 +0200 Subject: [PATCH] sdk: packDev_t: Properly and entirely fill entire struct The values from associated_devices_t struct after linkInfo.txFailure were not written to the buffer at all (without the proper pointer increment, they would have been written to the wrong spot anyway). So this part of the buffer also contained uninitialized memory only. I completed the function to copy the entire struct, because the endDev.deviceTimeout and timeoutCounter were particularly interesting for me to inspect child aging. See https://github.com/Koenkk/zigbee2mqtt/issues/13478#issuecomment-1501085509 @slugzero Signed-off-by: Olliver Schinagl --- source/ti/zstack/mt/mt_util.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/source/ti/zstack/mt/mt_util.c b/source/ti/zstack/mt/mt_util.c index de29d8f57..0da0cb629 100644 --- a/source/ti/zstack/mt/mt_util.c +++ b/source/ti/zstack/mt/mt_util.c @@ -1547,10 +1547,17 @@ static void packDev_t(uint8_t *pBuf, associated_devices_t *pDev) *pBuf++ = pDev->linkInfo.txCost; *pBuf++ = pDev->linkInfo.rxLqi; *pBuf++ = pDev->linkInfo.inKeySeqNum; - OsalPort_bufferUint32( pBuf, pDev->linkInfo.inFrmCntr ); + OsalPort_bufferUint32(pBuf, pDev->linkInfo.inFrmCntr); pBuf += 4; *pBuf++ = LO_UINT16(pDev->linkInfo.txFailure); *pBuf++ = HI_UINT16(pDev->linkInfo.txFailure); + *pBuf++ = pDev->endDev.endDevCfg; + OsalPort_bufferUint32(pBuf, pDev->endDev.deviceTimeout); + pBuf += 4; + OsalPort_bufferUint32(pBuf, pDev->timeoutCounter); + pBuf += 4; + *pBuf++ = pDev->keepaliveRcv; + *pBuf++ = pDev->ctrl; } }