When the input reaches a certain level of complexity, a sub-function code implementation may want to deserialize a received byte array (p_cmd) into a provided structure (cmd) for use.
In general, the method will use 'cmds_scanf()' to deserialize the data, by passing in the two argument values (p_cmd and l_cmd), a 'pattern' value (a series of tokens, see below), and the address and size of the struct cmd stack variable.
Use of 'cmds_scanf()' is not necessary for simple inputs, however the architect may want to use the methods described below anyway. Accepting the p_cmd buffer, as is, can lead to vulnerabilities (buffer overruns, etc). It is recommended to use cmds_scanf as a check to ensure that the incoming data is correctly structured.
cmds_scanf() method use
|
|
The scan process has an awareness of the current offset into the byte data, which token (sub-part of a pattern) is current, what the current offset is into the cmd struct, and how many 4-byte entries in the cmd struct are consumed by the current token.
The scanning is also aware of different error conditions that may result from things like the cmd struct size not being correct for the pattern supplied, unexpected end of serialized data, unexpected data remaining at the end of the pattern, etc.