From 155d30ce49502f2caa4d0dee267774add6f90e39 Mon Sep 17 00:00:00 2001
From: Philippe Teuwen <phil@teuwen.org>
Date: Wed, 29 Apr 2020 19:19:26 +0200
Subject: [PATCH] coverity fix 226278 and offset computation as side effect

---
 armsrc/appmain.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index b05a143f0..e14319df9 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -1642,7 +1642,7 @@ static void PacketReceived(PacketCommandNG *packet) {
             struct p {
                 uint8_t flag;
                 uint16_t offset;
-                uint8_t *data;
+                uint8_t data[PM3_CMD_DATA_SIZE - sizeof(uint8_t) - sizeof(uint16_t)];
             } PACKED;
             struct p *payload = (struct p *)packet->data.asBytes;
 
@@ -1654,11 +1654,11 @@ static void PacketReceived(PacketCommandNG *packet) {
             }
 
             // 40 000 - (512-3) 509 = 39491
-            uint16_t offset = MIN(BIGBUF_SIZE - PM3_CMD_DATA_SIZE - 3, payload->offset);
+            uint16_t offset = MIN(BIGBUF_SIZE - sizeof(payload->data), payload->offset);
 
             // need to copy len bytes of data, not PM3_CMD_DATA_SIZE - 3 - offset
             // ensure len bytes copied wont go past end of bigbuf
-            uint16_t len = MIN(BIGBUF_SIZE - offset, PM3_CMD_DATA_SIZE - 3);
+            uint16_t len = MIN(BIGBUF_SIZE - offset, sizeof(payload->data));
 
             uint8_t *mem = BigBuf_get_addr();