From 658e74cc759db6fb6d51d5287749cff1cfd2a0a2 Mon Sep 17 00:00:00 2001
From: Fu Juntang <StrongTiger_001@163.com>
Date: 星期六, 04 九月 2021 10:48:31 +0800
Subject: [PATCH] Add strict parameters checks to avoid the invalid inputs.
---
src/bh_api.cpp | 177 +++++++++++++++++++++++++++----------------
test_socket/bus_test_inter.cpp | 43 ++++++----
2 files changed, 136 insertions(+), 84 deletions(-)
diff --git a/src/bh_api.cpp b/src/bh_api.cpp
index e36daee..5b24903 100644
--- a/src/bh_api.cpp
+++ b/src/bh_api.cpp
@@ -41,13 +41,13 @@
}_input;
::bhome_msg::ProcInfo input;
- if(!input.ParseFromArray(proc_info, proc_info_len)) {
+ if ((!input.ParseFromArray(proc_info, proc_info_len)) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.proc_id = input.proc_id().c_str();
@@ -56,13 +56,13 @@
_input.private_info = input.private_info().c_str();
#else
- if ((proc_info == NULL) || (proc_info_len == 0)) {
+ if ((proc_info == NULL) || (proc_info_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x90, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -77,7 +77,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -155,8 +155,7 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-
-exit_entry:
+
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -198,20 +197,29 @@
::bhome_msg::ProcInfo input;
- if(!input.ParseFromArray(proc_info, proc_info_len)) {
+ if(!input.ParseFromArray(proc_info, proc_info_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.proc_id = input.proc_id().c_str();
_input.name = input.name().c_str();
_input.public_info = input.public_info().c_str();
_input.private_info = input.private_info().c_str();
+#else
+ if ((reply == NULL) || (reply_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
#endif
if (gRun_stat == 0) {
@@ -222,7 +230,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -250,7 +258,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -291,14 +298,14 @@
}_input;
::bhome_msg::MsgTopicList input;
- if(!input.ParseFromArray(topics, topics_len)) {
+ if(!input.ParseFromArray(topics, topics_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.amount = input.topic_list_size();
@@ -312,14 +319,14 @@
total += strlen(_input.topics[i]) + 1;
}
#else
- if ((topics == NULL) || (topics_len == 0)) {
+ if ((topics == NULL) || (topics_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
total = topics_len;
@@ -332,7 +339,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -349,7 +356,7 @@
pthread_mutex_unlock(&mutex);
- goto exit_entry;
+ return false;
}
memset(topics_buf, 0x00, total);
@@ -387,7 +394,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -434,13 +440,13 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgQueryTopic input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(topic, topic_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(topic, topic_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input0.mq_id = input0.mq_id();
@@ -450,13 +456,13 @@
_input1 = input1.topic().c_str();
#else
- if ((topic == NULL) || (topic_len == 0)) {
+ if ((topic == NULL) || (topic_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -467,7 +473,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -495,7 +501,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
struct _MsgQueryTopicReply
@@ -588,13 +593,13 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgQueryProc input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(query, query_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(query, query_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input0.mq_id = input0.mq_id();
@@ -602,6 +607,14 @@
_input0.ip = input0.ip().c_str();
_input0.port = input0.port();
_input1 = input1.proc_id().c_str();
+#else
+ if ((reply == NULL) || (reply_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
#endif
if (gRun_stat == 0) {
@@ -611,7 +624,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -635,7 +648,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
struct _MsgQueryProcReply
{
@@ -743,13 +755,13 @@
}_input;
::bhome_msg::MsgTopicList input;
- if(!input.ParseFromArray(topics, topics_len)) {
+ if(!input.ParseFromArray(topics, topics_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.amount = input.topic_list_size();
@@ -765,12 +777,12 @@
}
#else
- if ((topics == NULL) || (topics_len == 0)) {
+ if ((topics == NULL) || (topics_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -781,7 +793,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -798,7 +810,7 @@
pthread_mutex_unlock(&mutex);
- goto exit_entry;
+ return false;
}
memset(topics_buf, 0x00, total);
@@ -850,7 +862,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -1053,6 +1064,14 @@
return false;
}
+
+ if ((msgpub == NULL) || (msgpub_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
if (timeout_ms > 0) {
sec = timeout_ms / 1000;
@@ -1092,10 +1111,12 @@
memset(topics_buf, 0x00, sizeof(topics_buf));
sprintf(topics_buf, "%d", key);
- rsr.proc_id = topics_buf;
- *proc_id_len = rsr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rsr.proc_id.data(), *proc_id_len);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ rsr.proc_id = topics_buf;
+ *proc_id_len = rsr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rsr.proc_id.data(), *proc_id_len);
+ }
::bhome_msg::MsgPublish Mp;
Mp.set_topic(rsr.topic);
@@ -1116,12 +1137,14 @@
*msgpub = ptr;
*msgpub_len = len;
- memset(topics_buf, 0x00, sizeof(topics_buf));
- sprintf(topics_buf, "%d", key);
-
- *proc_id_len = strlen(topics_buf);
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, topics_buf, *proc_id_len);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ memset(topics_buf, 0x00, sizeof(topics_buf));
+ sprintf(topics_buf, "%d", key);
+
+ *proc_id_len = strlen(topics_buf);
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, topics_buf, *proc_id_len);
+ }
#endif
@@ -1291,9 +1314,10 @@
}
if (rv == 0) {
- memset(topics_buf, 0x00, sizeof(topics_buf));
- sprintf(topics_buf, "%d", val);
- MsgID = topics_buf;
+
+ memset(buf_temp, 0x00, sizeof(buf_temp));
+ sprintf(buf_temp, "%d", val);
+ MsgID = buf_temp;
*msg_id_len = MsgID.size();
*msg_id = malloc(*msg_id_len);
@@ -1346,7 +1370,7 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgRequestTopic input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(request, request_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(request, request_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
@@ -1363,7 +1387,7 @@
_input1.data = input1.data().c_str();
#else
- if ((request == NULL) || (request_len == 0)) {
+ if ((request == NULL) || (request_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
@@ -1447,12 +1471,15 @@
size = recv_arr[0].content_length;
buf = (char *)malloc(size);
- memset(buf, 0x00, size);
+ if (buf == NULL) {
+ printf("Out of memory\n");
+
+ exit(0);
+ }
+ memset((char *)buf, 0x00, size);
+
strncpy((char *)buf, (char *)recv_arr[0].content, size);
-#if !defined(PRO_DE_SERIALIZE)
- *reply = buf;
- *reply_len = size;
-#endif
+
}
net_mod_socket_free_recv_msg_arr(recv_arr, recv_arr_size);
@@ -1478,17 +1505,23 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
if (rv == 0) {
- memset(buf_temp, 0x00, sizeof(buf_temp));
- sprintf(buf_temp, "%d", node.key);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ memset(buf_temp, 0x00, sizeof(buf_temp));
+ sprintf(buf_temp, "%d", node.key);
- rr.proc_id = buf_temp;
- *proc_id_len = rr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rr.proc_id.data(), *proc_id_len);
+ rr.proc_id = buf_temp;
+ *proc_id_len = rr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rr.proc_id.c_str(), *proc_id_len);
+ }
memset(buf_temp, 0x00, sizeof(buf_temp));
memcpy(buf_temp, buf, size);
rr.data = buf_temp;
+
+ free(buf);
+
+ printf("BHRequest finished_7\n");
}
pthread_mutex_unlock(&mutex);
@@ -1546,6 +1579,14 @@
return false;
}
+
+ if ((request == NULL) || (request_len == 0) || (src == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
if (timeout_ms > 0) {
@@ -1572,12 +1613,14 @@
void *src;
} rrr;
- sprintf(buf_temp, "%d", key);
- rrr.proc_id = buf_temp;
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ sprintf(buf_temp, "%d", key);
+ rrr.proc_id = buf_temp;
- *proc_id_len = rrr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rrr.proc_id.data(), *proc_id_len);
+ *proc_id_len = rrr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rrr.proc_id.data(), *proc_id_len);
+ }
topics_buf = (char *)malloc(size + MIN_STR_LEN);
if (topics_buf == NULL) {
@@ -1642,7 +1685,7 @@
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgRequestTopicReply input;
- if (!input.ParseFromArray(reply, reply_len)) {
+if (!input.ParseFromArray(reply, reply_len) || (src == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
diff --git a/test_socket/bus_test_inter.cpp b/test_socket/bus_test_inter.cpp
index 8abcb46..43b97a5 100644
--- a/test_socket/bus_test_inter.cpp
+++ b/test_socket/bus_test_inter.cpp
@@ -214,6 +214,8 @@
if (ret == true) {
printf("the process registered OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered fail with error: %s\n", (char *)errBuf);
@@ -222,12 +224,13 @@
printf("the second way to get the error log: %s\n", buf_temp);
};
- BHFree(buf_temp, size);
ret = BHUnregister(NULL, 0, &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("the process unregistered OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process unregistered fail with error: %s\n", (char *)errBuf);
@@ -236,7 +239,6 @@
printf("the second way to get the error log: %s\n", buf_temp);
};
- BHFree(buf_temp, size);
}
//const char *topics_reg_buf1[] = {"topics demo1"};
@@ -261,37 +263,40 @@
if (ret == true) {
printf("the process registered OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered fail with error: %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHRegisterTopics(topics_reg_buf1, strlen(topics_reg_buf1), &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("the process registered topics OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered1 fail with errorL %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHRegisterTopics(topics_reg_buf2, strlen(topics_reg_buf2), &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("the process registered topics OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered2 fail with error: %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHQueryTopicAddress(NULL, 0, topics_query_buf1, strlen(topics_query_buf1), &buf_temp, &size, timeout_ms);
if (ret == true) {
@@ -299,13 +304,14 @@
parseQueryTopicsBuf(buf_temp, size);
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process query3 fail with error: %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHQueryTopicAddress(NULL, 0, topics_query_buf2, strlen(topics_query_buf2), &buf_temp, &size, timeout_ms);
if (ret == true) {
@@ -313,13 +319,13 @@
parseQueryTopicsBuf(buf_temp, size);
+ BHFree(buf_temp, size);
} else {
BHGetLastError(&errBuf, &size);
printf("the process query4 fail with error: %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
pthread_create(&tids, NULL, client_recv, NULL);
@@ -327,49 +333,50 @@
if (ret == true) {
printf("the process registered topics OKay\n");
+ BHFree(buf_temp, size);
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered1 fail with errorL %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHSubscribeTopics(topics_sub_buf1, strlen(topics_sub_buf1), &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("the process subscribe topics OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process sub1 fail with error: %s(%s)\n", (char *)errBuf, buf_temp);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHSubscribeTopics(topics_sub_buf2, strlen(topics_sub_buf2), &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("tthe process subscribe topics OKay\n");
+ BHFree(buf_temp, size);
} else {
BHGetLastError(&errBuf, &size);
printf("the process sub2 fail with error: %s\n", (char *)errBuf);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
ret = BHRegisterTopics(topics_reg_buf2, strlen(topics_reg_buf2), &buf_temp, &size, timeout_ms);
if (ret == true) {
printf("the process registered topics OKay\n");
+ BHFree(buf_temp, size);
} else {
BHGetLastError(&errBuf, &size);
printf("the process registered10 fail with errorL %s\n", (char *)errBuf);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
const char *topics_server_specific_reg_buf1 = "Server Specific topics demo1";
const char *topics_server_specific_reg_buf2 = "Server Specific Hello World";
@@ -412,15 +419,15 @@
printf("the response data(%s) from procid(%s)\n", data_buf, (char *)proc_id);
-
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process BHRequest topics fail with error: %s\n", (char *)errBuf);
BHFree(errBuf, size);
- };
- BHFree(buf_temp, size);
+ }
ret = BHRequest(NULL, 0, topics_server_specific_reg_buf2, strlen(topics_server_specific_reg_buf2), &proc_id, &id_len,
&buf_temp, &size, timeout_ms);
@@ -432,6 +439,8 @@
printf("the response data(%s) from procid(%s)\n", data_buf, (char *)proc_id);
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
@@ -439,7 +448,6 @@
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
#if !defined(PRO_DE_SERIALIZE)
ret = BHPublish(topics_pub_topic1, topics_pub_topic1_data, timeout_ms);
@@ -467,13 +475,13 @@
parseQueryProcBuf(buf_temp, size);
+ BHFree(buf_temp, size);
} else {
BHGetLastError(&errBuf, &size);
printf("the process query proc fail with error: %s\n", (char *)errBuf);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
#if 1
while(1) {
@@ -485,13 +493,14 @@
if (ret == true) {
printf("the process unregistered OKay\n");
+ BHFree(buf_temp, size);
+
} else {
BHGetLastError(&errBuf, &size);
printf("the process unregistered fail with error: %s\n", (char *)errBuf);
BHFree(errBuf, size);
};
- BHFree(buf_temp, size);
#endif
--
Gitblit v1.8.0