2. Fixed security vulnerability issues.
Change-Id: I273dfed976b300cd125a1174857c466423e730bb
Signed-off-by: saerome.kim <saerome.kim@samsung.com>
extern "C" {
#endif
+typedef enum {
+ NM_NETWORK_TYPE_UNKNOWN,
+ NM_NETWORK_TYPE_DISCONNECTED,
+ NM_NETWORK_TYPE_ETHERNET,
+ NM_NETWORK_TYPE_WIFI
+} nm_network_type;
+
+typedef struct {
+ char ip_addr[MAX_SIZE_BUFFER];
+ char hw_type[MAX_SIZE_BUFFER];
+ char flags[MAX_SIZE_BUFFER];
+ char hw_addr[MAX_SIZE_BUFFER];
+ char mask[MAX_SIZE_BUFFER];
+ char device[MAX_SIZE_BUFFER];
+} nm_linux_arp_entry;
+
bool __nm_init();
bool __nm_get_interface_name(char **iface_name);
typedef struct {
int user_id; /**< User ID which is saved in DB */
int os; /**< Operating system type eg) Tizen, Android and iOS */
- char mobile_id[UAS_DEVICE_ID_MAX_LEN]; /**< MObile ID which is saved in DB */
+ char device_id[UAS_DEVICE_ID_MAX_LEN]; /**< MObile ID which is saved in DB */
char mac_addr[MAC_ADDRESS_STRING_SIZE]; /**< MAC address which is saved in DB */
char ip_addr[IP_ADDRESS_STRING_SIZE]; /**< IP address which is saved in DB */
- int mobile_flag; /**< The order of the target dev. */
+ int device_flag; /**< The order of the target dev. */
gboolean new_device; /**< Is newly added device ?*/
unsigned int supported_techs; /**< Operating system type of the target dev. */
wifi_presence_status_e presence; /**< Detected type (see. wifi_presence_status_e) */
Name: ua-plugin-wifi-dummy
Summary: Wi-Fi User awareness plugin for VD
-Version: 0.6.0
+Version: 0.6.2
Release: 1
License: Apache-2.0
Source0: %{name}-%{version}.tar.gz
#include <string.h>
#include <glib.h>
+#include <wifi-plugin.h>
#include <wifi-networkmanager.h>
-typedef enum {
- NM_NETWORK_TYPE_UNKNOWN, /**< Netwrok type unknown */
- NM_NETWORK_TYPE_DISCONNECTED, /**< Netwrok type disconnected */
- NM_NETWORK_TYPE_ETHERNET, /**< Netwrok type ethernet */
- NM_NETWORK_TYPE_WIFI /**< Netwrok type Wi-Fi */
-} nm_network_type;
-
-typedef struct {
- char ip_addr[MAX_SIZE_BUFFER]; /**< IP address of the network interface */
- char hw_type[MAX_SIZE_BUFFER]; /**< HW type for the network interface */
- char flags[MAX_SIZE_BUFFER]; /**< Network interface flag */
- char hw_addr[MAX_SIZE_BUFFER]; /**< MAC address of the network interface */
- char mask[MAX_SIZE_BUFFER]; /**< Submnet mask of the network interface */
- char device[MAX_SIZE_BUFFER]; /**< Name of the network interface */
-} nm_linux_arp_entry;
-
#define NETCONN_LOCAL_MAC "00:00:00:00:00:00" /**< So called, link local MAC address */
#define PROC_ARP_PATH "/proc/net/arp" /**< ARP table in linux */
connection_h h_conn = NULL;
+nm_network_type network_type = NM_NETWORK_TYPE_UNKNOWN;
connection_profile_iterator_h profile_iter = NULL;
-nm_network_type network_type = NM_NETWORK_TYPE_UNKNOWN;
-static char connected_bssid[MAX_SIZE_BUFFER];
+static char connected_bssid[MAX_SIZE_BUFFER + 1];
bool __nm_init()
{
}
-bool __nm_get_interface_name(char** iface_name)
+bool __nm_get_interface_name(char **iface_name)
{
FUNC_ENTER;
bool ret = true;
FUNC_EXIT;
}
-bool __nm_get_gateway_address(char* gateway)
+bool __nm_get_gateway_address(char *gateway)
{
FUNC_ENTER;
int ret = -1;
- char* gateway_local = NULL;
+ char *gateway_local = NULL;
connection_profile_h profile;
__nm_get_connection_profile_handler(&profile);
CONNECTION_ADDRESS_FAMILY_IPV4, &gateway_local);
if (ret == CONNECTION_ERROR_NONE) {
- g_strlcpy(gateway, gateway_local, 16);
+ g_strlcpy(gateway, gateway_local, IP_ADDRESS_STRING_SIZE);
free(gateway_local);
} else {
UA_WIFI_ERR("get gateway failed");
- strncpy(gateway, "0.0.0.0", 7);
+ g_strlcpy(gateway, "0.0.0.0", IP_ADDRESS_STRING_SIZE);
}
} else {
UA_WIFI_ERR("Failed to get profile handle !!!");
- strncpy(gateway, "0.0.0.0", 7);
+ g_strlcpy(gateway, "0.0.0.0", IP_ADDRESS_STRING_SIZE);
}
UA_WIFI_INFO("gateway is [%s]", gateway);
return true;
}
-void __nm_get_linux_arp_table(char* ip_addr, char* mac_addr)
+void __nm_get_linux_arp_table(char *ip_addr, char *mac_addr)
{
FUNC_ENTER;
char data[1024];
int matches;
+ ret_if(NULL == ip_addr);
+ ret_if(NULL == mac_addr);
+
fp = fopen(PROC_ARP_PATH, "r");
if (!fp) {
if ((matches == 6) && !strcmp(ip_addr, entry.ip_addr)) {
UA_WIFI_INFO("IP[%s] found in ARP table", ip_addr);
- memcpy(mac_addr, entry.hw_addr, strlen(entry.hw_addr)+1);
+ /*
+ * It is gurranteed that mac_addr is same to entry.hw_addr
+ * For instance,
+ * char macaddr[MAX_SIZE_BUFFER];
+ * typedef struct {
+ * char ip_addr[MAX_SIZE_BUFFER];
+ * char hw_type[MAX_SIZE_BUFFER];
+ * char flags[MAX_SIZE_BUFFER];
+ * char hw_addr[MAX_SIZE_BUFFER];
+ * char mask[MAX_SIZE_BUFFER];
+ * char device[MAX_SIZE_BUFFER];
+ * } nm_linux_arp_entry;
+ */
+ g_strlcpy(mac_addr, entry.hw_addr, MAX_SIZE_BUFFER);
+ mac_addr[strlen(entry.hw_addr)] = '\0';
fclose(fp);
FUNC_EXIT;
return;
FUNC_ENTER;
UA_WIFI_INFO("IP address of GetIPsMAC: %s", ip_addr);
- memcpy(mac_addr, NETCONN_LOCAL_MAC, strlen(NETCONN_LOCAL_MAC)+1);
+
+ ret_if(NULL == ip_addr);
+ ret_if(NULL == mac_addr);
+
+ /*
+ * It is gurranteed that mac_addr is greater than NETCONN_LOCAL_MAC
+ * For instance,
+ * char macaddr[MAX_SIZE_BUFFER];
+ * #define NETCONN_LOCAL_MAC "00:00:00:00:00:00"
+ */
+ g_strlcpy(mac_addr, NETCONN_LOCAL_MAC, sizeof(NETCONN_LOCAL_MAC));
/*! local IP has a wildcard MAC address, for now at least */
if (!strcmp(ip_addr, "127.0.0.1"))
if (isConnect) {
UA_WIFI_INFO("update network status %s", isConnect ? "CONNECT" : "DISCONNECT");
- char gateway[16];
- char macaddr[128];
+ char gateway[IP_ADDRESS_STRING_SIZE];
+ char macaddr[MAX_SIZE_BUFFER];
- memset(gateway, 0, 16);
+ memset(gateway, 0, IP_ADDRESS_STRING_SIZE);
if (__nm_get_gateway_address(gateway) == true)
UA_WIFI_INFO("currently gateway address : %s", gateway);
UA_WIFI_INFO("IPv4 mac address of the resource: %s", macaddr);
- strncpy(connected_bssid, macaddr, strlen(macaddr));
- connected_bssid[strlen(macaddr) + 1] = '\0';
+ g_strlcpy(connected_bssid, macaddr, MAX_SIZE_BUFFER);
+ connected_bssid[strlen(connected_bssid)] = '\0';
} else {
UA_WIFI_INFO("update network status %s", isConnect ? "CONNECT" : "DISCONNECT");
memset(connected_bssid, 0, sizeof(connected_bssid));
FUNC_EXIT;
}
-bool __nm_get_mac_address(char** mac_addr)
+bool __nm_get_mac_address(char **mac_addr)
{
FUNC_ENTER;
connection_type_e conn_type;
return NULL;
}
- //UA_WIFI_DBG("Connected AP's IP : %s", ip_addr);
+// UA_WIFI_DBG("Connected AP's IP : %s", ip_addr);
return ip_addr;
}
for (l = dev_list; NULL != l; l = g_slist_next(l)) {
uas_wifi_info_t *wifi_info = l->data;
- if (wifi_info->mobile_flag != detect_count)
+ if (wifi_info->device_flag != detect_count)
continue;
if (WIFI_PRESENCE_STATUS_ABSENCE == wifi_info->presence) {
UA_WIFI_INFO("Detect this mobild id %s start presence request MAC %s",
- wifi_info->mobile_id, wifi_info->mac_addr);
+ wifi_info->device_id, wifi_info->mac_addr);
if (initial_bursts == true) {
if (UAS_STATUS_SUCCESS != __init_ip_mac_count()) {
UA_WIFI_ERR("ARP Init fail");
uas_wifi_info_t *wifi_info = l->data;
uas_device_info_t *dev_info = NULL;
- if (wifi_info->mobile_flag == detect_count) {
+ if (wifi_info->device_flag == detect_count) {
wifi_info->presence = WIFI_PRESENCE_STATUS_PRESENCE;
g_strlcpy(wifi_info->mac_addr, sbuf, MAC_ADDRESS_STRING_SIZE);
} else
dev_count++;
- wifi_info->mobile_flag = dev_count;
+ wifi_info->device_flag = dev_count;
dev_list = g_slist_prepend(dev_list, wifi_info);
}
for (l = dev_list; NULL != l; l = g_slist_next(l)) {
uas_wifi_info_t *wifi_info = l->data;
- if (!strcasecmp(wifi_info->mobile_id, device->device_id)) {
+ if (!strcasecmp(wifi_info->device_id, device->device_id)) {
dev_list = g_slist_remove(dev_list, wifi_info);
free(wifi_info);
return UAS_STATUS_SUCCESS;
return UAS_STATUS_FAIL;
}
- strncpy(arp_data->arp_source_mac, source_mac_address, strlen(source_mac_address));
- arp_data->arp_source_mac[strlen(source_mac_address) + 1] = '\0';
-
+ memcpy(arp_data->arp_source_mac, source_mac_address, MAX_SIZE_BUFFER-1);
+ arp_data->arp_source_mac[MAX_SIZE_BUFFER-1]=0x00;
source_mac = ether_aton(source_mac_address);
if (source_mac == NULL) {
source_mac_address, ether_ntoa(source_mac));
memset(&arp_data->arp, 0, sizeof(arp_data->arp));
- memcpy(arp_data->arp.h_source, source_mac, sizeof(arp_data->arp));
- memcpy(arp_data->arp.s_hwaddr, source_mac, sizeof(arp_data->arp));
+ memcpy(arp_data->arp.h_source, source_mac, MAC_ADD_LENGTH);
+ memcpy(arp_data->arp.s_hwaddr, source_mac, MAC_ADD_LENGTH);
dest_mac = ether_aton(mac);
uint32_t target_ip = 0;
memset(&arp_recv, 0, sizeof(arp_recv));
+ /* The size of arp_message is fixed length and defined Ethernet specification
+ Therefore we will use sizeof() instead of null-terminiated buffer */
memcpy(&arp_recv, buffer, sizeof(arp_recv));
target_ip = inet_addr(arp_data->arp_source_ip);
char error_buf[MAX_SIZE_ERROR_BUFFER];
char *iface_name = NULL;
int val = 1;
+ int if_name_len ;
struct ether_addr *dest_mac = NULL;
dest_mac = ether_aton(mac);
}
UA_WIFI_INFO("Network interface %s", iface_name);
+ if_name_len = strlen(iface_name);
- if (strlen(iface_name) < sizeof(net_ifr.ifr_name)) {
- strncpy(net_ifr.ifr_name, iface_name, strlen(iface_name));
- net_ifr.ifr_name[strlen(iface_name)] = 0;
+ if (if_name_len < sizeof(net_ifr.ifr_name)) {
+ memcpy(net_ifr.ifr_name, iface_name, if_name_len);
+ net_ifr.ifr_name[if_name_len] = 0;
} else {
UA_WIFI_ERR("Error : Interface name is too long");
free(iface_name);
arp_data->addr.sll_ifindex = net_ifr.ifr_ifindex;
arp_data->addr.sll_halen = ETHER_ADDR_LEN;
arp_data->addr.sll_protocol = htons(ETH_P_ARP);
+ /* sll_addr is not a null-terminated buffer, it is defined in linux header files
+ * therefore, it is impossible to addd NULL character to tail */
memcpy(arp_data->addr.sll_addr, dest_mac, sizeof(arp_data->addr.sll_addr));
arp_data->arp_sock_io = g_io_channel_unix_new(arp_data->arp_id);
memset(arp_target_ip, '\0', MAX_SIZE_BUFFER);
source_ip = inet_addr(__nm_get_ip_address());
+ /* s_IPaddr is not a null-terminated buffer, it is defined in linux header files
+ * therefore, it is impossible to addd NULL character to tail */
memcpy(arp_data->arp.s_IPaddr, &source_ip,
sizeof(arp_data->arp.s_IPaddr)); // source IP address
- //snprintf(ip_buff, 16, "%d.%d.%d.%d",arp.s_IPaddr[0],arp.s_IPaddr[1],arp.s_IPaddr[2],pArping->arp_send_ip_addr);
+ /*
+ snprintf(ip_buff, IP_ADDRESS_STRING_SIZE, "%d.%d.%d.%d",
+ arp.s_IPaddr[0],arp.s_IPaddr[1],arp.s_IPaddr[2],pArping->arp_send_ip_addr);
+ */
target_ip = inet_addr(arp_data->arp_source_ip);
memcpy(arp_data->arp.t_IPaddr, &target_ip,
sizeof(arp_data->arp.t_IPaddr)); // target IP address
- memcpy(arp_target_ip, arp_data->arp_source_ip , strlen(arp_data->arp_source_ip));
+ g_strlcpy(arp_target_ip, arp_data->arp_source_ip, MAX_SIZE_BUFFER);
UA_WIFI_INFO("arp_target_ip = %s ", arp_target_ip);
memset(error_buf, '\0', MAX_SIZE_ERROR_BUFFER);
memset(ip_buff, '\0', IP_ADDRESS_STRING_SIZE);
+ /* s_IPaddr is not a null-terminated buffer, it is defined in linux header files
+ * therefore, it is impossible to addd NULL character to tail */
source_ip = inet_addr(__nm_get_ip_address());
memcpy(arp_data->arp.s_IPaddr, &source_ip,
sizeof(arp_data->arp.s_IPaddr)); // source IP address
+
snprintf(ip_buff, sizeof(ip_buff), "%d.%d.%d.%d",
arp_data->arp.s_IPaddr[0], arp_data->arp.s_IPaddr[1],
arp_data->arp.s_IPaddr[2], arp_data->arp_send_ip_addr);
target_ip = inet_addr(ip_buff);
- memcpy(arp_target_ip, ip_buff, strlen(ip_buff));
+ g_strlcpy(arp_target_ip, ip_buff, MAX_SIZE_BUFFER);
+
+ /* t_IPaddr is not a null-terminated buffer, it is defined in linux header files
+ * therefore, it is impossible to addd NULL character to tail */
memcpy(arp_data->arp.t_IPaddr, &target_ip,
sizeof(arp_data->arp.s_IPaddr)); // target IP address
return ret;
}
- memcpy(arp_data->arp_target_mac, mac, strlen(mac));
+ g_strlcpy(arp_data->arp_target_mac, mac, MAX_SIZE_BUFFER);
UA_WIFI_INFO("Request mac address %s IP address %s", mac, ip);
__send_arp_uni_mode(ip);
wifi_info->discriminant = dev_info->discriminant;
wifi_info->supported_techs = dev_info->supported_techs;
- g_strlcpy(wifi_info->mobile_id, dev_info->device_id, UAS_DEVICE_ID_MAX_LEN);
+ g_strlcpy(wifi_info->device_id, dev_info->device_id, UAS_DEVICE_ID_MAX_LEN);
for (i = 0; i < dev_info->num_addr; i++) {
if (UAS_ADDR_TYPE_WIFI == dev_info->addr_list[i].type) {
UA_WIFI_DBG("User Id: [0x%X], OS: [0x%X], Device Id: [%s], " \
"MAC Addr: [%s], IP Addr: [%s] discriminant: [%d]",
- wifi_info->user_id, wifi_info->os, wifi_info->mobile_id,
+ wifi_info->user_id, wifi_info->os, wifi_info->device_id,
wifi_info->mac_addr, wifi_info->ip_addr, wifi_info->discriminant);
FUNC_EXIT;
dev_info->os = wifi_info->os;
dev_info->discriminant = wifi_info->discriminant;
dev_info->supported_techs = wifi_info->supported_techs;
- dev_info->device_id = g_strdup(wifi_info->mobile_id);
+ dev_info->device_id = g_strdup(wifi_info->device_id);
if (strlen(wifi_info->mac_addr) != 0) {
count++;