cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MOD aaa-12 解决json转换成结构体的时候,字符串可能越界的问题 

SOL  解决json转换成结构体的时候,字符串可能越界的问题
修改人:zhangliang
检视人:zhangliang
This commit is contained in:
zhanglianghy 2019-07-18 09:21:03 +08:00
parent 4f979f531c
commit 9a00deb81d
3 changed files with 32 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Common/s2j/s2jdef.h
View File

@ -50,6 +50,10 @@ typedef struct {
json_temp = cJSON_GetObjectItem(from_json, #_element); \ json_temp = cJSON_GetObjectItem(from_json, #_element); \
if (json_temp) strcpy((to_struct)->_element, json_temp->valuestring); if (json_temp) strcpy((to_struct)->_element, json_temp->valuestring);
#define S2J_STRUCT_GET_STRING_ELEMENT_N(to_struct, from_json, _element, n) \
json_temp = cJSON_GetObjectItem(from_json, #_element); \
if (json_temp && n > 1) strncpy((to_struct)->_element, json_temp->valuestring, n-1);
#define S2J_STRUCT_GET_double_ELEMENT(to_struct, from_json, _element) \ #define S2J_STRUCT_GET_double_ELEMENT(to_struct, from_json, _element) \
json_temp = cJSON_GetObjectItem(from_json, #_element); \ json_temp = cJSON_GetObjectItem(from_json, #_element); \
if (json_temp) (to_struct)->_element = json_temp->valuedouble; if (json_temp) (to_struct)->_element = json_temp->valuedouble;

13
Platform/user/configm/config-server/configserver.c
View File

@ -165,7 +165,7 @@ ret_code cm_config_get_allconfig(uint source,
config_len = strlen(json_str) + 1; config_len = strlen(json_str) + 1;
memset(config_buff, 0, CM_BUFF_SIZE); memset(config_buff, 0, CM_BUFF_SIZE);
strncpy(config_buff, json_str, CM_BUFF_SIZE); strncpy(config_buff, json_str, CM_BUFF_SIZE - 1);
free(json_str); free(json_str);
@ -279,7 +279,7 @@ void cm_config_process(rpc_conn *conn, pointer input, int input_len, void* data)
config_msg = (config_msg_t *)input; config_msg = (config_msg_t *)input;
config_len = input_len - sizeof(config_msg_t); config_len = input_len - sizeof(config_msg_t);
rpc_log_info("recv config from %d, config type is %d config id is 0x%llx ,len is %x\r\n", rpc_log_info("recv config from %d, config type is %d config id is 0x%llx ,len is %d\r\n",
config_msg->source, config_msg->config_type, config_msg->config_id, config_msg->source, config_msg->config_type, config_msg->config_id,
config_len); config_len);
@ -349,8 +349,9 @@ void cm_config_process(rpc_conn *conn, pointer input, int input_len, void* data)
&buff_len); &buff_len);
} }
break; break;
case CM_CONFIG_ADD:
default: case CM_CONFIG_DEL:
case CM_CONFIG_SET:
if(config_svr->proc_callback) if(config_svr->proc_callback)
{ {
ret = config_svr->proc_callback(config_msg->source, ret = config_svr->proc_callback(config_msg->source,
@ -361,6 +362,10 @@ void cm_config_process(rpc_conn *conn, pointer input, int input_len, void* data)
&buff_len); &buff_len);
} }
break; break;
default:
ret = RET_INPUTERR;
break;
} }
if(buff_len > CM_BUFF_SIZE) if(buff_len > CM_BUFF_SIZE)

38
Platform/user/configm/config-server/ipconfig/ipconfig.c
View File

@ -106,7 +106,7 @@ ret_code ip_config_json_parse(pointer input, uint *conf_type, ip_config_t *confi
return RET_INPUTERR; return RET_INPUTERR;
} }
rpc_log_info("json input\n %s \n", cJSON_Print(json_obj)); rpc_log_info("json input:\n %s \n", cJSON_Print(json_obj));
s2j_create_struct_obj(ip_config, ip_config_string_t); s2j_create_struct_obj(ip_config, ip_config_string_t);
@ -117,12 +117,12 @@ ret_code ip_config_json_parse(pointer input, uint *conf_type, ip_config_t *confi
} }
s2j_struct_get_basic_element(ip_config, json_obj, int, config_type); s2j_struct_get_basic_element(ip_config, json_obj, int, config_type);
s2j_struct_get_basic_element(ip_config, json_obj, string, ifname); S2J_STRUCT_GET_STRING_ELEMENT_N(ip_config, json_obj, ifname, INTERFACE_NAMSIZ);
s2j_struct_get_basic_element(ip_config, json_obj, int, family); s2j_struct_get_basic_element(ip_config, json_obj, int, family);
s2j_struct_get_basic_element(ip_config, json_obj, string, ipaddr); S2J_STRUCT_GET_STRING_ELEMENT_N(ip_config, json_obj, ipaddr, DOT_IP_STR);
s2j_struct_get_basic_element(ip_config, json_obj, int, prefixlen); s2j_struct_get_basic_element(ip_config, json_obj, int, prefixlen);
strncpy(config_buff->ifname, ip_config->ifname, INTERFACE_NAMSIZ); strncpy(config_buff->ifname, ip_config->ifname, INTERFACE_NAMSIZ - 1);
config_buff->family = (uchar)ip_config->family; config_buff->family = (uchar)ip_config->family;
config_buff->prefixlen = (uchar)ip_config->prefixlen; config_buff->prefixlen = (uchar)ip_config->prefixlen;
@ -150,12 +150,12 @@ ret_code ip_config_json_parse_array(pointer input, uint *conf_type,
return RET_INPUTERR; return RET_INPUTERR;
} }
rpc_log_info("json input %s \n", cJSON_Print(json_obj)); rpc_log_info("json input:%s \n", cJSON_Print(json_obj));
iCount = cJSON_GetArraySize(json_obj); /*»ñÈ¡Êý×鳤¶È*/ iCount = cJSON_GetArraySize(json_obj); /*»ñÈ¡Êý×鳤¶È*/
config_buff = rpc_new(ip_config_t, iCount); config_buff = rpc_new0(ip_config_t, iCount);
conf_type = rpc_new(uint, iCount); conf_type = rpc_new0(uint, iCount);
if(!config_buff || !conf_type) if(!config_buff || !conf_type)
{ {
return RET_NOMEM; return RET_NOMEM;
@ -183,7 +183,7 @@ ret_code ip_config_json_parse_array(pointer input, uint *conf_type,
s2j_struct_get_basic_element(ip_config, json_obj, string, ipaddr); s2j_struct_get_basic_element(ip_config, json_obj, string, ipaddr);
s2j_struct_get_basic_element(ip_config, json_obj, int, prefixlen); s2j_struct_get_basic_element(ip_config, json_obj, int, prefixlen);
strncpy(config_buff[*cnt].ifname, ip_config->ifname, INTERFACE_NAMSIZ); strncpy(config_buff[*cnt].ifname, ip_config->ifname, INTERFACE_NAMSIZ - 1);
config_buff[*cnt].family = (uchar)ip_config->family; config_buff[*cnt].family = (uchar)ip_config->family;
config_buff[*cnt].prefixlen = (uchar)ip_config->prefixlen; config_buff[*cnt].prefixlen = (uchar)ip_config->prefixlen;
config_buff[*cnt].prefix.s_addr = inet_addr(ip_config->ipaddr); config_buff[*cnt].prefix.s_addr = inet_addr(ip_config->ipaddr);
@ -212,8 +212,8 @@ ret_code ip_config_format_json(int config_type, ip_config_t *config_buff,
ip_config->family = AF_INET; ip_config->family = AF_INET;
ip_config->prefixlen = config_buff->prefixlen; ip_config->prefixlen = config_buff->prefixlen;
strncpy(ip_config->ifname, config_buff->ifname, INTERFACE_NAMSIZ); strncpy(ip_config->ifname, config_buff->ifname, INTERFACE_NAMSIZ - 1);
strncpy(ip_config->ipaddr, inet_ntoa(config_buff->prefix), DOT_IP_STR); strncpy(ip_config->ipaddr, inet_ntoa(config_buff->prefix), DOT_IP_STR - 1);
/* create Student JSON object */ /* create Student JSON object */
s2j_create_json_obj(json_obj); s2j_create_json_obj(json_obj);
@ -261,8 +261,8 @@ ret_code ip_config_format_json_array(int config_type, ip_config_t *config_buff,
ip_config->config_type = config_type; ip_config->config_type = config_type;
ip_config->family = AF_INET; ip_config->family = AF_INET;
ip_config->prefixlen = config_buff[i].prefixlen; ip_config->prefixlen = config_buff[i].prefixlen;
strncpy(ip_config->ifname, config_buff[i].ifname, INTERFACE_NAMSIZ); strncpy(ip_config->ifname, config_buff[i].ifname, INTERFACE_NAMSIZ - 1);
strncpy(ip_config->ipaddr, inet_ntoa(config_buff[i].prefix), DOT_IP_STR); strncpy(ip_config->ipaddr, inet_ntoa(config_buff[i].prefix), DOT_IP_STR - 1);
/* create Student JSON object */ /* create Student JSON object */
s2j_create_json_obj(json_obj); s2j_create_json_obj(json_obj);
@ -294,11 +294,11 @@ ret_code ip_config_format_json_array(int config_type, ip_config_t *config_buff,
ret_code if_set_prefix(ip_config_t *ip_conf, int *code) ret_code if_set_prefix(ip_config_t *ip_conf, int *code)
{ {
ret_code ret; ret_code ret;
struct ifreq ifreq; struct ifreq ifreq = {0};
struct sockaddr_in addr; struct sockaddr_in addr;
struct sockaddr_in mask; struct sockaddr_in mask;
strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name)); strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name) - 1);
addr.sin_addr = ip_conf->prefix; addr.sin_addr = ip_conf->prefix;
addr.sin_family = ip_conf->family; addr.sin_family = ip_conf->family;
memcpy(&ifreq.ifr_addr, &addr, sizeof(struct sockaddr_in)); memcpy(&ifreq.ifr_addr, &addr, sizeof(struct sockaddr_in));
@ -362,12 +362,12 @@ ret_code if_get_prefix_all(pointer output, int *output_len, int *code)
for(i = 0; i < if_count; i++) for(i = 0; i < if_count; i++)
{ {
rpc_log_info("get interface %s info\n", ifreq[i].ifr_name); rpc_log_info("get interface %s info\n", ifreq[i].ifr_name);
strncpy(ip_conf[i].ifname, ifreq[i].ifr_name, INTERFACE_NAMSIZ); strncpy(ip_conf[i].ifname, ifreq[i].ifr_name, INTERFACE_NAMSIZ - 1);
ip_conf[i].family = AF_INET; ip_conf[i].family = AF_INET;
ip_conf[i].prefix = ((struct sockaddr_in *)&(ifreq[i].ifr_addr))->sin_addr; ip_conf[i].prefix = ((struct sockaddr_in *)&(ifreq[i].ifr_addr))->sin_addr;
memset(&netmask, 0, sizeof(netmask)); memset(&netmask, 0, sizeof(netmask));
strncpy(netmask.ifr_name, ifreq[i].ifr_name, sizeof(netmask.ifr_name)); strncpy(netmask.ifr_name, ifreq[i].ifr_name, sizeof(netmask.ifr_name) - 1);
ret = if_ioctl(SIOCGIFNETMASK, (caddr_t)&netmask, &mask_ret); ret = if_ioctl(SIOCGIFNETMASK, (caddr_t)&netmask, &mask_ret);
ASSERT_RET_NO(ret); ASSERT_RET_NO(ret);
@ -402,7 +402,7 @@ ret_code if_get_prefix(ip_config_t *ip_conf, int *code)
rpc_log_info("get interface %s info\n", ip_conf->ifname); rpc_log_info("get interface %s info\n", ip_conf->ifname);
strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name)); strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name) - 1);
ret = if_ioctl(SIOCGIFADDR, (caddr_t)&ifreq, code); ret = if_ioctl(SIOCGIFADDR, (caddr_t)&ifreq, code);
ASSERT_RET(ret); ASSERT_RET(ret);
@ -411,7 +411,7 @@ ret_code if_get_prefix(ip_config_t *ip_conf, int *code)
ip_conf->prefix = ((struct sockaddr_in *)&(ifreq.ifr_addr))->sin_addr; ip_conf->prefix = ((struct sockaddr_in *)&(ifreq.ifr_addr))->sin_addr;
memset(&ifreq, 0, sizeof(ifreq)); memset(&ifreq, 0, sizeof(ifreq));
strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name)); strncpy(ifreq.ifr_name, ip_conf->ifname, sizeof(ifreq.ifr_name) - 1);
ret = if_ioctl(SIOCGIFNETMASK, (caddr_t)&ifreq, &mask_ret); ret = if_ioctl(SIOCGIFNETMASK, (caddr_t)&ifreq, &mask_ret);
ASSERT_RET_NO(ret); ASSERT_RET_NO(ret);
@ -543,7 +543,7 @@ ret_code ip_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
uint conf_type = CM_CONFIG_SET; uint conf_type = config_type;
ip_config_t conf_buff = {0}; ip_config_t conf_buff = {0};
ip_config_t *ip_conf = &conf_buff; ip_config_t *ip_conf = &conf_buff;
ret_code ret = RET_OK; ret_code ret = RET_OK;