From 658e74cc759db6fb6d51d5287749cff1cfd2a0a2 Mon Sep 17 00:00:00 2001
From: Fu Juntang <StrongTiger_001@163.com>
Date: 星期六, 04 九月 2021 10:48:31 +0800
Subject: [PATCH] Add strict parameters checks to avoid the invalid inputs.
---
src/bh_api.cpp | 177 ++++++++++++++++++++++++++++++++++++----------------------
1 files changed, 110 insertions(+), 67 deletions(-)
diff --git a/src/bh_api.cpp b/src/bh_api.cpp
index e36daee..5b24903 100644
--- a/src/bh_api.cpp
+++ b/src/bh_api.cpp
@@ -41,13 +41,13 @@
}_input;
::bhome_msg::ProcInfo input;
- if(!input.ParseFromArray(proc_info, proc_info_len)) {
+ if ((!input.ParseFromArray(proc_info, proc_info_len)) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.proc_id = input.proc_id().c_str();
@@ -56,13 +56,13 @@
_input.private_info = input.private_info().c_str();
#else
- if ((proc_info == NULL) || (proc_info_len == 0)) {
+ if ((proc_info == NULL) || (proc_info_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x90, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -77,7 +77,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -155,8 +155,7 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-
-exit_entry:
+
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -198,20 +197,29 @@
::bhome_msg::ProcInfo input;
- if(!input.ParseFromArray(proc_info, proc_info_len)) {
+ if(!input.ParseFromArray(proc_info, proc_info_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.proc_id = input.proc_id().c_str();
_input.name = input.name().c_str();
_input.public_info = input.public_info().c_str();
_input.private_info = input.private_info().c_str();
+#else
+ if ((reply == NULL) || (reply_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
#endif
if (gRun_stat == 0) {
@@ -222,7 +230,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -250,7 +258,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -291,14 +298,14 @@
}_input;
::bhome_msg::MsgTopicList input;
- if(!input.ParseFromArray(topics, topics_len)) {
+ if(!input.ParseFromArray(topics, topics_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.amount = input.topic_list_size();
@@ -312,14 +319,14 @@
total += strlen(_input.topics[i]) + 1;
}
#else
- if ((topics == NULL) || (topics_len == 0)) {
+ if ((topics == NULL) || (topics_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
total = topics_len;
@@ -332,7 +339,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -349,7 +356,7 @@
pthread_mutex_unlock(&mutex);
- goto exit_entry;
+ return false;
}
memset(topics_buf, 0x00, total);
@@ -387,7 +394,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -434,13 +440,13 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgQueryTopic input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(topic, topic_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(topic, topic_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input0.mq_id = input0.mq_id();
@@ -450,13 +456,13 @@
_input1 = input1.topic().c_str();
#else
- if ((topic == NULL) || (topic_len == 0)) {
+ if ((topic == NULL) || (topic_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -467,7 +473,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -495,7 +501,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
struct _MsgQueryTopicReply
@@ -588,13 +593,13 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgQueryProc input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(query, query_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(query, query_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input0.mq_id = input0.mq_id();
@@ -602,6 +607,14 @@
_input0.ip = input0.ip().c_str();
_input0.port = input0.port();
_input1 = input1.proc_id().c_str();
+#else
+ if ((reply == NULL) || (reply_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
#endif
if (gRun_stat == 0) {
@@ -611,7 +624,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -635,7 +648,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
struct _MsgQueryProcReply
{
@@ -743,13 +755,13 @@
}_input;
::bhome_msg::MsgTopicList input;
- if(!input.ParseFromArray(topics, topics_len)) {
+ if(!input.ParseFromArray(topics, topics_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
_input.amount = input.topic_list_size();
@@ -765,12 +777,12 @@
}
#else
- if ((topics == NULL) || (topics_len == 0)) {
+ if ((topics == NULL) || (topics_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
#endif
@@ -781,7 +793,7 @@
memset(errString, 0x00, sizeof(errString));
strncpy(errString, bus_strerror(rv), sizeof(errString));
- goto exit_entry;
+ return false;
}
rv = pthread_mutex_trylock(&mutex);
@@ -798,7 +810,7 @@
pthread_mutex_unlock(&mutex);
- goto exit_entry;
+ return false;
}
memset(topics_buf, 0x00, total);
@@ -850,7 +862,6 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
}
-exit_entry:
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgCommonReply mcr;
mcr.mutable_errmsg()->set_errcode(::bhome_msg::ErrorCode(rv));
@@ -1053,6 +1064,14 @@
return false;
}
+
+ if ((msgpub == NULL) || (msgpub_len == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
if (timeout_ms > 0) {
sec = timeout_ms / 1000;
@@ -1092,10 +1111,12 @@
memset(topics_buf, 0x00, sizeof(topics_buf));
sprintf(topics_buf, "%d", key);
- rsr.proc_id = topics_buf;
- *proc_id_len = rsr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rsr.proc_id.data(), *proc_id_len);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ rsr.proc_id = topics_buf;
+ *proc_id_len = rsr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rsr.proc_id.data(), *proc_id_len);
+ }
::bhome_msg::MsgPublish Mp;
Mp.set_topic(rsr.topic);
@@ -1116,12 +1137,14 @@
*msgpub = ptr;
*msgpub_len = len;
- memset(topics_buf, 0x00, sizeof(topics_buf));
- sprintf(topics_buf, "%d", key);
-
- *proc_id_len = strlen(topics_buf);
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, topics_buf, *proc_id_len);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ memset(topics_buf, 0x00, sizeof(topics_buf));
+ sprintf(topics_buf, "%d", key);
+
+ *proc_id_len = strlen(topics_buf);
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, topics_buf, *proc_id_len);
+ }
#endif
@@ -1291,9 +1314,10 @@
}
if (rv == 0) {
- memset(topics_buf, 0x00, sizeof(topics_buf));
- sprintf(topics_buf, "%d", val);
- MsgID = topics_buf;
+
+ memset(buf_temp, 0x00, sizeof(buf_temp));
+ sprintf(buf_temp, "%d", val);
+ MsgID = buf_temp;
*msg_id_len = MsgID.size();
*msg_id = malloc(*msg_id_len);
@@ -1346,7 +1370,7 @@
::bhome_msg::BHAddress input0;
::bhome_msg::MsgRequestTopic input1;
- if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(request, request_len)) {
+ if (!input0.ParseFromArray(remote, remote_len) || !input1.ParseFromArray(request, request_len) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
@@ -1363,7 +1387,7 @@
_input1.data = input1.data().c_str();
#else
- if ((request == NULL) || (request_len == 0)) {
+ if ((request == NULL) || (request_len == 0) || (reply == NULL) || (reply_len == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
@@ -1447,12 +1471,15 @@
size = recv_arr[0].content_length;
buf = (char *)malloc(size);
- memset(buf, 0x00, size);
+ if (buf == NULL) {
+ printf("Out of memory\n");
+
+ exit(0);
+ }
+ memset((char *)buf, 0x00, size);
+
strncpy((char *)buf, (char *)recv_arr[0].content, size);
-#if !defined(PRO_DE_SERIALIZE)
- *reply = buf;
- *reply_len = size;
-#endif
+
}
net_mod_socket_free_recv_msg_arr(recv_arr, recv_arr_size);
@@ -1478,17 +1505,23 @@
strncpy(errString, bus_strerror(rv), sizeof(errString));
if (rv == 0) {
- memset(buf_temp, 0x00, sizeof(buf_temp));
- sprintf(buf_temp, "%d", node.key);
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ memset(buf_temp, 0x00, sizeof(buf_temp));
+ sprintf(buf_temp, "%d", node.key);
- rr.proc_id = buf_temp;
- *proc_id_len = rr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rr.proc_id.data(), *proc_id_len);
+ rr.proc_id = buf_temp;
+ *proc_id_len = rr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rr.proc_id.c_str(), *proc_id_len);
+ }
memset(buf_temp, 0x00, sizeof(buf_temp));
memcpy(buf_temp, buf, size);
rr.data = buf_temp;
+
+ free(buf);
+
+ printf("BHRequest finished_7\n");
}
pthread_mutex_unlock(&mutex);
@@ -1546,6 +1579,14 @@
return false;
}
+
+ if ((request == NULL) || (request_len == 0) || (src == NULL)) {
+ rv = EBUS_INVALID_PARA;
+ memset(errString, 0x00, sizeof(errString));
+ strncpy(errString, bus_strerror(rv), sizeof(errString));
+
+ return false;
+ }
if (timeout_ms > 0) {
@@ -1572,12 +1613,14 @@
void *src;
} rrr;
- sprintf(buf_temp, "%d", key);
- rrr.proc_id = buf_temp;
+ if ((proc_id != NULL) && (proc_id_len != NULL)) {
+ sprintf(buf_temp, "%d", key);
+ rrr.proc_id = buf_temp;
- *proc_id_len = rrr.proc_id.size();
- *proc_id = malloc(*proc_id_len);
- memcpy(*proc_id, rrr.proc_id.data(), *proc_id_len);
+ *proc_id_len = rrr.proc_id.size();
+ *proc_id = malloc(*proc_id_len);
+ memcpy(*proc_id, rrr.proc_id.data(), *proc_id_len);
+ }
topics_buf = (char *)malloc(size + MIN_STR_LEN);
if (topics_buf == NULL) {
@@ -1642,7 +1685,7 @@
#if defined(PRO_DE_SERIALIZE)
::bhome_msg::MsgRequestTopicReply input;
- if (!input.ParseFromArray(reply, reply_len)) {
+if (!input.ParseFromArray(reply, reply_len) || (src == NULL)) {
rv = EBUS_INVALID_PARA;
memset(errString, 0x00, sizeof(errString));
--
Gitblit v1.8.0