From 610012a40924b391912156baee9d4f6d0ce9f7ee Mon Sep 17 00:00:00 2001 From: Erich Keane Date: Wed, 29 Jul 2015 14:53:00 -0700 Subject: [PATCH] Fixed a large amount of memory leaks/ Null pointer dereferences This fix goes through nearly 200 issues discovered by Klocwork and fixes a variety of null pointer dereferences and memory leaks. Change-Id: Ic6c741872b5fb5a9e432636552dab815c4f1f96c Signed-off-by: Erich Keane Reviewed-on: https://gerrit.iotivity.org/gerrit/1979 Tested-by: jenkins-iotivity Reviewed-by: Ossama Othman Reviewed-by: Jon A. Cruz --- .../oic_string/test/linux/oic_string_tests.cpp | 32 +++- .../csdk/connectivity/samples/linux/sample_main.c | 39 ++-- .../connectivity/src/bt_le_adapter/caleadapter.c | 5 +- .../csdk/connectivity/src/cablockwisetransfer.c | 49 ++++- resource/csdk/connectivity/src/camessagehandler.c | 6 + resource/csdk/connectivity/src/caprotocolmessage.c | 3 +- .../csdk/connectivity/src/ip_adapter/caipserver.c | 28 ++- .../src/ip_adapter/linux/caipnwmonitor.c | 3 +- .../csdk/connectivity/test/ca_api_unittest.cpp | 24 +++ resource/csdk/security/src/secureresourcemanager.c | 4 +- .../csdk/security/unittest/aclresourcetest.cpp | 6 +- .../csdk/security/unittest/credentialresource.cpp | 31 +++- resource/csdk/security/unittest/doxmresource.cpp | 32 +++- resource/csdk/security/unittest/pstatresource.cpp | 24 ++- resource/csdk/security/unittest/srmutility.cpp | 13 +- resource/csdk/stack/include/ocpayload.h | 2 +- .../linux/SimpleClientServer/occlientbasicops.cpp | 4 +- .../linux/SimpleClientServer/occlientcoll.cpp | 10 +- .../linux/SimpleClientServer/occlientslow.cpp | 3 +- .../linux/SimpleClientServer/ocserverbasicops.cpp | 2 +- .../linux/SimpleClientServer/ocservercoll.cpp | 13 +- .../linux/SimpleClientServer/ocserverslow.cpp | 13 +- .../samples/linux/secure/occlientbasicops.cpp | 3 +- .../samples/linux/secure/ocserverbasicops.cpp | 2 +- resource/csdk/stack/src/ocobserve.c | 1 + resource/csdk/stack/src/ocpayload.c | 70 +++++++- resource/csdk/stack/src/ocpayloadconvert.c | 7 + resource/csdk/stack/src/ocpayloadparse.c | 197 ++++++++++++++------- resource/csdk/stack/src/ocresource.c | 9 +- resource/csdk/stack/src/ocserverrequest.c | 3 +- resource/csdk/stack/src/ocstack.c | 48 +++-- resource/csdk/stack/src/oicgroup.c | 26 +-- resource/examples/garageclient.cpp | 2 +- resource/examples/groupserver.cpp | 2 +- resource/examples/roomclient.cpp | 4 +- resource/examples/simpleclientHQ.cpp | 2 +- 36 files changed, 548 insertions(+), 174 deletions(-) diff --git a/resource/c_common/oic_string/test/linux/oic_string_tests.cpp b/resource/c_common/oic_string/test/linux/oic_string_tests.cpp index eccf05e..320d30f 100644 --- a/resource/c_common/oic_string/test/linux/oic_string_tests.cpp +++ b/resource/c_common/oic_string/test/linux/oic_string_tests.cpp @@ -45,7 +45,7 @@ TEST(StringTests, StrdupNormalDup) char* result = OICStrdup(param); - ASSERT_TRUE(result != NULL); + EXPECT_TRUE(result != NULL); // ensure not the same pointer EXPECT_NE(param, result); @@ -80,6 +80,11 @@ TEST(StringTests, StrcpyExactSizeSentinel) char* result = OICStrcpy(target, sizeof(target) - 5, source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); EXPECT_EQ(sizeof(target) - 1 - 5, strlen(target)); EXPECT_STREQ(source, result); @@ -99,6 +104,11 @@ TEST(StringTests, StrcpyShorterSource) char* result = OICStrcpy(target, sizeof(target), source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); EXPECT_EQ(sizeof(source) - 1, strlen(result)); EXPECT_STREQ(source, result); @@ -118,6 +128,11 @@ TEST(StringTests, StrcpyShorterDestination) char *result = OICStrcpy(target, sizeof(target), source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); EXPECT_EQ(sizeof(target) - 1, strlen(result)); EXPECT_STREQ("123456789", result); @@ -134,6 +149,11 @@ TEST(StringTests, StrcpyShorterDestinationSentinel) char *result = OICStrcpy(target, sizeof(target) - 5, source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); EXPECT_EQ(sizeof(target) - 1 - 5, strlen(result)); EXPECT_STREQ("123456789", result); @@ -153,6 +173,11 @@ TEST(StringTests, StrcpyZeroSource) char *result = OICStrcpy(target, sizeof(target), source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); EXPECT_EQ(sizeof(source) - 1, strlen(result)); EXPECT_STREQ("", result); @@ -185,6 +210,11 @@ TEST(StringTests, StrcpyZeroDestinationSentinel) char *result = OICStrcpy(target, sizeof(target) - 5, source); + if (!result) + { + FAIL() << "OICStrcpy returned NULL"; + } + EXPECT_EQ(target, result); for(size_t i = 0; i < sizeof(target); ++i) diff --git a/resource/csdk/connectivity/samples/linux/sample_main.c b/resource/csdk/connectivity/samples/linux/sample_main.c index a48d391..1298f24 100644 --- a/resource/csdk/connectivity/samples/linux/sample_main.c +++ b/resource/csdk/connectivity/samples/linux/sample_main.c @@ -27,6 +27,7 @@ #include "cacommon.h" #include "cainterface.h" +#include "oic_string.h" #ifdef __WITH_DTLS__ #include "ocsecurityconfig.h" #endif @@ -618,7 +619,7 @@ void send_secure_request() uint8_t tokenLength = CA_MAX_TOKEN_LEN; res = CAGenerateToken(&token, tokenLength); - if ((CA_STATUS_OK != res) || (!token)) + if (CA_STATUS_OK != res) { printf("Token generate error, error code : %d\n", res); goto exit; @@ -1206,6 +1207,11 @@ void send_response(const CAEndpoint_t *endpoint, const CAInfo_t *info) if (endpoint->flags & CA_SECURE) { + if(!responseData.resourceUri) + { + printf("resourceUri not available in SECURE\n"); + return; + } printf("Sending response on secure communication\n"); uint32_t length = sizeof(SECURE_INFO_DATA) + strlen(responseData.resourceUri); @@ -1249,6 +1255,11 @@ void send_response(const CAEndpoint_t *endpoint, const CAInfo_t *info) } else { + if(!responseData.resourceUri) + { + printf("resourceUri not available in NON-SECURE\n"); + return; + } uint32_t length = sizeof(NORMAL_INFO_DATA) + strlen(responseData.resourceUri); responseData.payload = (CAPayload_t) calloc(length, sizeof(char)); if (NULL == responseData.payload) @@ -1324,8 +1335,7 @@ int get_secure_information(CAPayload_t payLoad) } char portStr[6] = {0}; - memcpy(portStr, startPos + 1, (endPos - 1) - startPos); - + OICStrcpyPartial(portStr, sizeof(portStr), startPos + 1, (endPos - 1) - startPos); printf("secured port is: %s\n", portStr); return atoi(portStr); } @@ -1353,7 +1363,7 @@ void get_resource_uri(char *URI, char *resourceURI, int length) if (endPos - startPos <= length) { - memcpy(resourceURI, startPos + 1, endPos - startPos); + OICStrcpyPartial(resourceURI, length, startPos + 1, endPos - startPos); } printf("URI: %s, ResourceURI:%s\n", URI, resourceURI); @@ -1433,9 +1443,14 @@ CAHeaderOption_t* get_option_data(CAInfo_t* requestData) printf("there is no headerOption!\n"); return NULL; } + else if (optionNum > MAX_OPT_LEN) + { + printf("Too many header options!\n"); + return NULL; + } else { - headerOpt = (CAHeaderOption_t *)calloc(1, optionNum * sizeof(CAHeaderOption_t)); + headerOpt = (CAHeaderOption_t *)calloc(optionNum, sizeof(CAHeaderOption_t)); if (NULL == headerOpt) { printf("Memory allocation failed!\n"); @@ -1463,7 +1478,7 @@ CAHeaderOption_t* get_option_data(CAInfo_t* requestData) return NULL; } - memcpy(headerOpt[i].optionData, optionData, strlen(optionData)); + OICStrcpy(headerOpt[i].optionData, sizeof(headerOpt[i].optionData), optionData); headerOpt[i].optionLength = (uint16_t) strlen(optionData); } @@ -1562,13 +1577,11 @@ int get_address_set(const char *pAddress, addressSet_t* outAddress) { if(ipLen && ipLen < sizeof(outAddress->ipAddress)) { - strncpy(outAddress->ipAddress, pAddress, ipLen); - outAddress->ipAddress[ipLen] = '\0'; + OICStrcpy(outAddress->ipAddress, sizeof(outAddress->ipAddress), pAddress); } else if (!ipLen && len < sizeof(outAddress->ipAddress)) { - strncpy(outAddress->ipAddress, pAddress, len); - outAddress->ipAddress[len] = '\0'; + OICStrcpy(outAddress->ipAddress, sizeof(outAddress->ipAddress), pAddress); } else { @@ -1588,11 +1601,11 @@ int get_address_set(const char *pAddress, addressSet_t* outAddress) void create_file(CAPayload_t bytes, size_t length) { FILE *fp = fopen("sample_output.txt", "wb"); - if (!fp) + if (fp) { fwrite(bytes, 1, length, fp); + fclose(fp); } - fclose(fp); } bool read_file(const char* name, CAPayload_t* bytes, size_t* length) @@ -1631,7 +1644,7 @@ bool read_file(const char* name, CAPayload_t* bytes, size_t* length) // Read file contents into buffer size_t ret = fread(buffer, fileLen, 1, file); - if (ret < 0) + if (ret != 1) { printf("Failed to read data from file, %s\n", name); fclose(file); diff --git a/resource/csdk/connectivity/src/bt_le_adapter/caleadapter.c b/resource/csdk/connectivity/src/bt_le_adapter/caleadapter.c index 6586b92..b0c548b 100644 --- a/resource/csdk/connectivity/src/bt_le_adapter/caleadapter.c +++ b/resource/csdk/connectivity/src/bt_le_adapter/caleadapter.c @@ -977,8 +977,9 @@ static void CALEDataReceiverHandler(void *threadData) CALEGetSenderInfo(newSender->remoteEndpoint->addr, NULL, &senderIndex)) { OIC_LOG(ERROR, CALEADAPTER_TAG, "Existing sender index not found!!"); - OICFree(senderInfo->defragData); - OICFree(senderInfo); + OICFree(newSender->defragData); + CAFreeEndpoint(newSender->remoteEndpoint); + OICFree(newSender); ca_mutex_unlock(g_bleReceiveDataMutex); return; } diff --git a/resource/csdk/connectivity/src/cablockwisetransfer.c b/resource/csdk/connectivity/src/cablockwisetransfer.c index 0d75d0f..9444d98 100644 --- a/resource/csdk/connectivity/src/cablockwisetransfer.c +++ b/resource/csdk/connectivity/src/cablockwisetransfer.c @@ -45,7 +45,7 @@ #define TAG "CA_BWT" -#define BLOCKWISE_OPTION_BUFFER 3 +#define BLOCKWISE_OPTION_BUFFER (sizeof(unsigned int)) #define BLOCK_NUMBER_IDX 4 #define BLOCK_M_BIT_IDX 3 #define PORT_LENGTH 2 @@ -212,6 +212,10 @@ CAResult_t CAAddSendThreadQueue(const CAData_t *sendData, const CABlockDataID_t g_context.sendThreadFunc(cloneData); ca_mutex_unlock(g_context.blockDataSenderMutex); } + else + { + CADestroyDataSet(cloneData); + } return CA_STATUS_OK; } @@ -644,13 +648,25 @@ CAResult_t CASendErrorMessage(const coap_pdu_t *pdu, uint8_t status, } OIC_LOG(DEBUG, TAG, "set ACK message"); } - else + else if (data->sentData) { - cloneData = CACreateNewDataSet(pdu, CACloneEndpoint(data->sentData->remoteEndpoint)); + cloneData = CACreateNewDataSet(pdu, data->sentData->remoteEndpoint); + + if(!cloneData) + { + OIC_LOG(ERROR, TAG, PCF("CACreateNewDataSet failed")); + return CA_MEMORY_ALLOC_FAILED; + } + cloneData->responseInfo->info.type = CA_MSG_CONFIRM; cloneData->responseInfo->result = responseResult; OIC_LOG(DEBUG, TAG, "set CON message"); } + else + { + OIC_LOG(ERROR, TAG, "data has no sent-data"); + return CA_MEMORY_ALLOC_FAILED; + } // add data to send thread if (g_context.sendThreadFunc) @@ -659,6 +675,10 @@ CAResult_t CASendErrorMessage(const coap_pdu_t *pdu, uint8_t status, g_context.sendThreadFunc(cloneData); ca_mutex_unlock(g_context.blockDataSenderMutex); } + else + { + CADestroyDataSet(cloneData); + } // if error code is 4.08, remove the stored payload and initialize block number if (CA_BLOCK_INCOMPLETE == status) @@ -698,6 +718,7 @@ CAResult_t CAReceiveLastBlock(const CABlockDataID_t *blockID, if (CA_STATUS_OK != res) { OIC_LOG(ERROR, TAG, "update has failed"); + CADestroyDataSet(cloneData); return CA_STATUS_FAILED; } } @@ -706,6 +727,10 @@ CAResult_t CAReceiveLastBlock(const CABlockDataID_t *blockID, { g_context.receivedThreadFunc(cloneData); } + else + { + CADestroyDataSet(cloneData); + } return CA_STATUS_OK; } @@ -1518,8 +1543,13 @@ CAResult_t CAAddBlockOption2(coap_pdu_t **pdu, const CAInfo_t info, size_t dataL error: OIC_LOG_V(ERROR, TAG, "error : %d", code); - coap_add_data(*pdu, strlen(coap_response_phrase(code)), - (unsigned char *) coap_response_phrase(code)); + + char* phrase = coap_response_phrase(code); + if(phrase) + { + coap_add_data(*pdu, strlen(phrase), + (unsigned char *) phrase); + } return CA_STATUS_FAILED; } @@ -1919,6 +1949,7 @@ CAData_t* CACreateNewDataSet(const coap_pdu_t *pdu, const CAEndpoint_t *endpoint if (NULL == responseInfo) { OIC_LOG(ERROR, TAG, "out of memory"); + OICFree(responseData.token); return NULL; } responseInfo->info = responseData; @@ -1949,7 +1980,7 @@ CAData_t *CACloneCAData(const CAData_t *data) OIC_LOG(ERROR, TAG, "out of memory"); return NULL; } - memcpy(clone, data, sizeof(CAData_t)); + *clone = *data; if (data->requestInfo) { @@ -2403,6 +2434,12 @@ CABlockData_t *CACreateNewBlockData(const CAData_t *sendData) data->block1.szx = CA_DEFAULT_BLOCK_SIZE; data->block2.szx = CA_DEFAULT_BLOCK_SIZE; data->sentData = CACloneCAData(sendData); + if(!data->sentData) + { + OIC_LOG(ERROR, TAG, PCF("memory alloc has failed")); + OICFree(data); + return NULL; + } CAToken_t token = NULL; uint8_t tokenLength = 0; diff --git a/resource/csdk/connectivity/src/camessagehandler.c b/resource/csdk/connectivity/src/camessagehandler.c index 8371328..c3dd036 100644 --- a/resource/csdk/connectivity/src/camessagehandler.c +++ b/resource/csdk/connectivity/src/camessagehandler.c @@ -779,6 +779,12 @@ static CAData_t* CAPrepareSendData(const CAEndpoint_t *endpoint, const void *sen info = &response->info; cadata->responseInfo = response; } + else + { + OIC_LOG(ERROR, TAG, "CAPrepareSendData unknown data type"); + OICFree(cadata); + return NULL; + } if (NULL != info->options && 0 < info->numOptions) { diff --git a/resource/csdk/connectivity/src/caprotocolmessage.c b/resource/csdk/connectivity/src/caprotocolmessage.c index 78cea47..37902d9 100644 --- a/resource/csdk/connectivity/src/caprotocolmessage.c +++ b/resource/csdk/connectivity/src/caprotocolmessage.c @@ -750,8 +750,7 @@ CAResult_t CAGetInfoFromPDU(const coap_pdu_t *pdu, uint32_t *outCode, CAInfo_t * OICFree(outInfo->token); return CA_MEMORY_ALLOC_FAILED; } - memcpy(outInfo->resourceUri, optionResult, length); - outInfo->resourceUri[length] = '\0'; + OICStrcpy(outInfo->resourceUri, length + 1, optionResult); OIC_LOG_V(DEBUG, TAG, "made URL : %s, %s", optionResult, outInfo->resourceUri); OIC_LOG(DEBUG, TAG, "OUT"); diff --git a/resource/csdk/connectivity/src/ip_adapter/caipserver.c b/resource/csdk/connectivity/src/ip_adapter/caipserver.c index 0013ab9..cfaec22 100644 --- a/resource/csdk/connectivity/src/ip_adapter/caipserver.c +++ b/resource/csdk/connectivity/src/ip_adapter/caipserver.c @@ -577,6 +577,10 @@ static void CAApplyInterfaces() { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); + if (!ifitem) + { + continue; + } if ((ifitem->flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) { continue; @@ -631,6 +635,11 @@ for (nh = (struct nlmsghdr *)buf; NLMSG_OK(nh, len); nh = NLMSG_NEXT(nh, len)) for (uint32_t i = 0; i < len; i++) { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); + if (!ifitem) + { + continue; + } + if (ifitem->index != newIndex) { continue; @@ -708,13 +717,17 @@ static void sendMulticastData6(const u_arraylist_t *iflist, OIC_LOG_V(INFO, TAG, "IPv6 multicast scope invalid: %d", scope); return; } - strncpy(endpoint->addr, ipv6mcname, MAX_ADDR_STR_SIZE_CA); + OICStrcpy(endpoint->addr, sizeof(endpoint->addr), ipv6mcname); int fd = caglobals.ip.u6.fd; uint32_t len = u_arraylist_length(iflist); for (uint32_t i = 0; i < len; i++) { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); + if (!ifitem) + { + continue; + } if ((ifitem->flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) { continue; @@ -739,13 +752,17 @@ static void sendMulticastData4(const u_arraylist_t *iflist, const void *data, uint32_t datalen) { struct ip_mreq mreq = { IPv4MulticastAddress }; - strncpy(endpoint->addr, IPv4_MULTICAST, MAX_ADDR_STR_SIZE_CA); + OICStrcpy(endpoint->addr, sizeof(endpoint->addr), IPv4_MULTICAST); int fd = caglobals.ip.u4.fd; uint32_t len = u_arraylist_length(iflist); for (uint32_t i = 0; i < len; i++) { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); + if (!ifitem) + { + continue; + } if ((ifitem->flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) { continue; @@ -760,7 +777,8 @@ static void sendMulticastData4(const u_arraylist_t *iflist, mreq.imr_interface = inaddr; if (setsockopt(fd, IPPROTO_IP, IP_MULTICAST_IF, &mreq, sizeof (mreq))) { - OIC_LOG_V(ERROR, TAG, "send IP_MULTICAST_IF failed: %s (using defualt)", strerror(errno)); + OIC_LOG_V(ERROR, TAG, "send IP_MULTICAST_IF failed: %s (using defualt)", + strerror(errno)); } sendData(fd, endpoint, data, datalen, "multicast", "ipv4"); } @@ -845,6 +863,10 @@ CAResult_t CAGetIPInterfaceInformation(CAEndpoint_t **info, uint32_t *size) for (uint32_t i = 0, j = 0; i < len; i++) { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); + if(!ifitem) + { + continue; + } OICStrcpy(eps[j].addr, CA_INTERFACE_NAME_SIZE, ifitem->name); eps[j].flags = ifitem->family == AF_INET6 ? CA_IPV6 : CA_IPV4; diff --git a/resource/csdk/connectivity/src/ip_adapter/linux/caipnwmonitor.c b/resource/csdk/connectivity/src/ip_adapter/linux/caipnwmonitor.c index a04b1c7..33a837f 100644 --- a/resource/csdk/connectivity/src/ip_adapter/linux/caipnwmonitor.c +++ b/resource/csdk/connectivity/src/ip_adapter/linux/caipnwmonitor.c @@ -74,7 +74,8 @@ u_arraylist_t *CAIPGetInterfaceInformation(int desiredIndex) for (int i = length-1; i >= 0; i--) { CAInterface_t *ifitem = (CAInterface_t *)u_arraylist_get(iflist, i); - if (ifitem->index == ifindex && ifitem->family == family) + + if (ifitem && ifitem->index == ifindex && ifitem->family == family) { already = true; break; diff --git a/resource/csdk/connectivity/test/ca_api_unittest.cpp b/resource/csdk/connectivity/test/ca_api_unittest.cpp index 486f28a..5d763df 100644 --- a/resource/csdk/connectivity/test/ca_api_unittest.cpp +++ b/resource/csdk/connectivity/test/ca_api_unittest.cpp @@ -310,6 +310,14 @@ TEST(SendResponseTest, DISABLED_TC_19_Positive_01) responseData.type = CA_MSG_NONCONFIRM; responseData.messageId = 1; responseData.payload = (CAPayload_t)malloc(sizeof("response payload")); + + EXPECT_TRUE(responseData.payload != NULL); + if(!responseData.payload) + { + CADestroyEndpoint(tempRep); + return; + } + memcpy(responseData.payload, "response payload", sizeof("response payload")); responseData.payloadSize = sizeof("response payload"); @@ -339,6 +347,14 @@ TEST(SendResponseTest, DISABLED_TC_20_Negative_01) responseData.type = CA_MSG_NONCONFIRM; responseData.messageId = 1; responseData.payload = (CAPayload_t)malloc(sizeof("response payload")); + EXPECT_TRUE(responseData.payload != NULL); + + if(!responseData.payload) + { + CADestroyEndpoint(tempRep); + return; + } + memcpy(responseData.payload, "response payload", sizeof("response payload")); responseData.payloadSize = sizeof("response payload"); @@ -386,6 +402,14 @@ TEST(SendNotificationTest, DISABLED_TC_22_Positive_01) memset(&responseData, 0, sizeof(CAInfo_t)); responseData.type = CA_MSG_NONCONFIRM; responseData.payload = (CAPayload_t)malloc(sizeof("Temp Notification Data")); + + EXPECT_TRUE(responseData.payload != NULL); + if(!responseData.payload) + { + CADestroyEndpoint(tempRep); + return; + } + memcpy(responseData.payload, "Temp Notification Data", sizeof("Temp Notification Data")); responseData.payloadSize = sizeof("Temp Notification Data"); diff --git a/resource/csdk/security/src/secureresourcemanager.c b/resource/csdk/security/src/secureresourcemanager.c index 8dee8b1..fea76f8 100644 --- a/resource/csdk/security/src/secureresourcemanager.c +++ b/resource/csdk/security/src/secureresourcemanager.c @@ -25,6 +25,7 @@ #include "resourcemanager.h" #include "credresource.h" #include "policyengine.h" +#include "oic_string.h" #include #define TAG PCF("SRM") @@ -90,8 +91,7 @@ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requ if (position > 0) { char newUri[MAX_URI_LENGTH + 1]; - strncpy(newUri, requestInfo->info.resourceUri, (position)); - newUri[position] = '\0'; + OICStrcpyPartial(newUri, MAX_URI_LENGTH + 1, requestInfo->info.resourceUri, position); //Skip query and pass the newUri. response = CheckPermission(&g_policyEngineContext, &subjectId, newUri, diff --git a/resource/csdk/security/unittest/aclresourcetest.cpp b/resource/csdk/security/unittest/aclresourcetest.cpp index 2cdb0f8..5dd5a6a 100644 --- a/resource/csdk/security/unittest/aclresourcetest.cpp +++ b/resource/csdk/security/unittest/aclresourcetest.cpp @@ -24,6 +24,7 @@ #include #include #include "ocstack.h" +#include "ocpayload.h" #include "oic_malloc.h" #include "cJSON.h" #include "cainterface.h" @@ -192,9 +193,7 @@ TEST(ACLResourceTest, ACLPostTest) // Create Entity Handler POST request payload ehReq.method = OC_REST_POST; - ehReq.payload = (OCPayload*)calloc(1, sizeof(OCSecurityPayload)); - ehReq.payload->type = PAYLOAD_TYPE_SECURITY; - ((OCSecurityPayload*)ehReq.payload)->securityData = jsonStr; + ehReq.payload = (OCPayload*)OCSecurityPayloadCreate(jsonStr); OCEntityHandlerResult ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq); EXPECT_TRUE(OC_EH_ERROR == ehRet); @@ -211,6 +210,7 @@ TEST(ACLResourceTest, ACLPostTest) // Perform cleanup DeleteACLList(acl); DeInitACLResource(); + OCPayloadDestroy(ehReq.payload); OICFree(jsonStr); } } diff --git a/resource/csdk/security/unittest/credentialresource.cpp b/resource/csdk/security/unittest/credentialresource.cpp index fcbb3ac..02ce7d4 100644 --- a/resource/csdk/security/unittest/credentialresource.cpp +++ b/resource/csdk/security/unittest/credentialresource.cpp @@ -47,6 +47,10 @@ const OicSecCred_t* GetCredResourceData(const OicUuid_t* subject); OicSecCred_t * getCredList() { OicSecCred_t * cred = (OicSecCred_t*)OICCalloc(1, sizeof(OicSecCred_t)); + if(!cred) + { + return NULL; + } cred->credId = 1234; OICStrcpy((char *)cred->subject.id, sizeof(cred->subject.id), "subject1"); @@ -60,9 +64,20 @@ OicSecCred_t * getCredList() cred->credType = 1; cred->ownersLen = 1; cred->owners = (OicUuid_t*)OICCalloc(cred->ownersLen, sizeof(OicUuid_t)); + if(!cred->owners) + { + OICFree(cred); + return NULL; + } OICStrcpy((char *)cred->owners[0].id, sizeof(cred->owners[0].id), "ownersId11"); cred->next = (OicSecCred_t*)OICCalloc(1, sizeof(OicSecCred_t)); + if(!cred->next) + { + OICFree(cred->owners); + OICFree(cred); + return NULL; + } cred->next->credId = 5678; OICStrcpy((char *)cred->next->subject.id, sizeof(cred->next->subject.id), "subject2"); #if 0 @@ -71,6 +86,13 @@ OicSecCred_t * getCredList() cred->next->credType = 1; size_t data_size = strlen("My private Key21") + 1; cred->next->privateData.data = (char *)OICCalloc(1, data_size); + if(!cred->next->privateData.data) + { + OICFree(cred->next); + OICFree(cred->owners); + OICFree(cred); + return NULL; + } OICStrcpy(cred->next->privateData.data, data_size,"My private Key21"); #if 0 cred->next->publicData.data = (char *)OICCalloc(1, strlen("My Public Key123") + 1); @@ -78,6 +100,14 @@ OicSecCred_t * getCredList() #endif cred->next->ownersLen = 2; cred->next->owners = (OicUuid_t*)OICCalloc(cred->next->ownersLen, sizeof(OicUuid_t)); + if(!cred->next->owners) + { + OICFree(cred->next->privateData.data); + OICFree(cred->next); + OICFree(cred->owners); + OICFree(cred); + return NULL; + } OICStrcpy((char *)cred->next->owners[0].id, sizeof(cred->next->owners[0].id), "ownersId21"); OICStrcpy((char *)cred->next->owners[1].id, sizeof(cred->next->owners[1].id), "ownersId22"); return cred; @@ -159,7 +189,6 @@ TEST(BinToCredJSONTest, BinToCredJSONValidCred) json = BinToCredJSON(cred); - printf("BinToCredJSON:%s\n", json); EXPECT_TRUE(json != NULL); DeleteCredList(cred); OICFree(json); diff --git a/resource/csdk/security/unittest/doxmresource.cpp b/resource/csdk/security/unittest/doxmresource.cpp index 0b32cd9..1395e87 100644 --- a/resource/csdk/security/unittest/doxmresource.cpp +++ b/resource/csdk/security/unittest/doxmresource.cpp @@ -23,6 +23,7 @@ #include "srmresourcestrings.h" #include "doxmresource.h" #include "ocserverrequest.h" +#include "oic_string.h" #include "oic_malloc.h" #ifdef __cplusplus @@ -46,12 +47,36 @@ OCEntityHandlerResult HandleDoxmGetRequest (const OCEntityHandlerRequest * ehReq OicSecDoxm_t * getBinDoxm() { OicSecDoxm_t * doxm = (OicSecDoxm_t*)OICCalloc(1, sizeof(OicSecDoxm_t)); + if(!doxm) + { + return NULL; + } doxm->oxmTypeLen = 1; doxm->oxmType = (OicUrn_t *)OICCalloc(doxm->oxmTypeLen, sizeof(char *)); + if(!doxm->oxmType) + { + OICFree(doxm); + return NULL; + } doxm->oxmType[0] = (char*)OICMalloc(strlen(OXM_JUST_WORKS) + 1); + if(!doxm->oxmType[0]) + { + OICFree(doxm->oxmType); + OICFree(doxm); + return NULL; + } + strcpy(doxm->oxmType[0], OXM_JUST_WORKS); doxm->oxmLen = 1; - doxm->oxm = (OicSecOxm_t *)OICCalloc(doxm->oxmLen, sizeof(short)); + doxm->oxm = (OicSecOxm_t *)OICCalloc(doxm->oxmLen, sizeof(OicSecOxm_t)); + if(!doxm->oxm) + { + OICFree(doxm->oxmType[0]); + OICFree(doxm->oxmType); + OICFree(doxm); + return NULL; + } + doxm->oxm[0] = OIC_JUST_WORKS; doxm->oxmSel = OIC_JUST_WORKS; doxm->owned = true; @@ -104,8 +129,7 @@ TEST(DoxmEntityHandlerTest, DoxmEntityHandlerValidRequest) char query[] = "oxm=0&owned=false&owner=owner1"; OCEntityHandlerRequest req = {}; req.method = OC_REST_GET; - req.query = (char*)OICMalloc(strlen(query) + 1); - strcpy((char *)req.query, query); + req.query = OICStrdup(query); EXPECT_EQ(OC_EH_ERROR, DoxmEntityHandler(OCEntityHandlerFlag::OC_REQUEST_FLAG, &req)); OICFree(req.query); @@ -123,7 +147,6 @@ TEST(BinToDoxmJSONTest, BinToDoxmJSONValidDoxm) OicSecDoxm_t * doxm = getBinDoxm(); char * json = BinToDoxmJSON(doxm); - printf("BinToDoxmJSON:%s\n", json); EXPECT_TRUE(json != NULL); DeleteDoxmBinData(doxm); @@ -141,6 +164,7 @@ TEST(JSONToDoxmBinTest, JSONToDoxmBinValidJSON) EXPECT_TRUE(doxm2 != NULL); DeleteDoxmBinData(doxm1); + DeleteDoxmBinData(doxm2); OICFree(json); } diff --git a/resource/csdk/security/unittest/pstatresource.cpp b/resource/csdk/security/unittest/pstatresource.cpp index 10398c5..c899ea5 100644 --- a/resource/csdk/security/unittest/pstatresource.cpp +++ b/resource/csdk/security/unittest/pstatresource.cpp @@ -27,6 +27,7 @@ #include "base64.h" #include "cainterface.h" #include "secureresourcemanager.h" +#include "ocpayload.h" #include #ifdef __cplusplus extern "C" { @@ -73,11 +74,10 @@ TEST(PstatEntityHandlerTest, PstatEntityHandlerWithPostRequest) { OCEntityHandlerRequest req; req.method = OC_REST_POST; - req.payload = (OCPayload*)calloc(1, sizeof(OCSecurityPayload)); - req.payload->type = PAYLOAD_TYPE_SECURITY; - ((OCSecurityPayload*)req.payload)->securityData = - (char*)"{ \"pstat\": { \"tm\": 0, \"om\": 3 }}"; + req.payload = reinterpret_cast( + OCSecurityPayloadCreate("{ \"pstat\": { \"tm\": 0, \"om\": 3 }}")); EXPECT_EQ(OC_EH_ERROR, PstatEntityHandler(OCEntityHandlerFlag::OC_REQUEST_FLAG, &req)); + OCPayloadDestroy(req.payload); } TEST(PstatEntityHandlerTest, PstatEntityHandlerInvalidRequest) @@ -113,14 +113,27 @@ TEST(MarshalingAndUnMarshalingTest, BinToPstatJSONAndJSONToPstatBin) pstat.om = SINGLE_SERVICE_CLIENT_DRIVEN; pstat.smLen = 2; pstat.sm = (OicSecDpom_t*)OICCalloc(pstat.smLen, sizeof(OicSecDpom_t)); + if(!pstat.sm) + { + FAIL() << "Failed to allocate the pstat.sm"; + } pstat.sm[0] = SINGLE_SERVICE_CLIENT_DRIVEN; pstat.sm[1] = SINGLE_SERVICE_SERVER_DRIVEN; char* jsonPstat = BinToPstatJSON(&pstat); + if(!jsonPstat) + { + OICFree(pstat.sm); + FAIL() << "Failed to convert BinToPstatJSON"; + return; + } printf("BinToJSON Dump:\n%s\n\n", jsonPstat); EXPECT_TRUE(jsonPstat != NULL); OicSecPstat_t *pstat1 = JSONToPstatBin(jsonPstat); EXPECT_TRUE(pstat1 != NULL); - OICFree(pstat1->sm); + if(pstat1) + { + OICFree(pstat1->sm); + } OICFree(pstat1); OICFree(jsonPstat); OICFree(pstat.sm); @@ -148,7 +161,6 @@ TEST(PstatTests, JSONMarshalliingTests) EXPECT_TRUE(NULL != pstat); char* jsonStr2 = BinToPstatJSON(pstat); - printf("BinToPstatJSON Dump:\n%s\n\n", jsonStr2); EXPECT_STRNE(jsonStr1, jsonStr2); OICFree(jsonStr1); diff --git a/resource/csdk/security/unittest/srmutility.cpp b/resource/csdk/security/unittest/srmutility.cpp index 5e4b1fb..7dd2217 100644 --- a/resource/csdk/security/unittest/srmutility.cpp +++ b/resource/csdk/security/unittest/srmutility.cpp @@ -19,6 +19,7 @@ #include "gtest/gtest.h" #include "ocstack.h" #include "srmutility.h" +#include "oic_string.h" //ParseRestQuery Tests @@ -39,10 +40,8 @@ TEST(ParseRestQueryTest, ParseSingleRestQuery) ParseQueryIterInit(query, &parseIter); EXPECT_NE((OicParseQueryIter_t *)NULL, GetNextQuery(&parseIter)); - strncpy(attr, (char *)parseIter.attrPos, parseIter.attrLen); - strncpy(val, (char *)parseIter.valPos, parseIter.valLen); - attr[parseIter.attrLen] = '\0'; - val[parseIter.valLen] = '\0'; + OICStrcpyPartial(attr, sizeof(attr), (char *)parseIter.attrPos, parseIter.attrLen); + OICStrcpyPartial(val, sizeof(val), (char *)parseIter.valPos, parseIter.valLen); printf("\nAttribute: %s value: %s\n\n", attr, val); } @@ -59,10 +58,8 @@ TEST(ParseRestQueryTest, ParseRestMultipleQuery) { EXPECT_NE(static_cast(0), parseIter.pi.segment_length); - strncpy(attr, (char *)parseIter.attrPos, parseIter.attrLen); - strncpy(val, (char *)parseIter.valPos, parseIter.valLen); - attr[parseIter.attrLen] = '\0'; - val[parseIter.valLen] = '\0'; + OICStrcpyPartial(attr, sizeof(attr), (char *)parseIter.attrPos, parseIter.attrLen); + OICStrcpyPartial(val, sizeof(val), (char *)parseIter.valPos, parseIter.valLen); printf("Attribute: %s value: %s\n", attr, val); } diff --git a/resource/csdk/stack/include/ocpayload.h b/resource/csdk/stack/include/ocpayload.h index e56861c..7550059 100644 --- a/resource/csdk/stack/include/ocpayload.h +++ b/resource/csdk/stack/include/ocpayload.h @@ -349,7 +349,7 @@ void OCRepPayloadDestroy(OCRepPayload* payload); // Discovery Payload OCDiscoveryPayload* OCDiscoveryPayloadCreate(); -OCSecurityPayload* OCSecurityPayloadCreate(char* securityData); +OCSecurityPayload* OCSecurityPayloadCreate(const char* securityData); void OCSecurityPayloadDestroy(OCSecurityPayload* payload); void OCDiscoveryPayloadAddResource(OCDiscoveryPayload* payload, const OCResource* res, diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp index 70c69a1..3cfa30b 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientbasicops.cpp @@ -354,7 +354,7 @@ int InitDiscovery() } else { - strcpy(szQueryUri, MULTICAST_RESOURCE_DISCOVERY_QUERY); + OICStrcpy(szQueryUri, sizeof(szQueryUri), MULTICAST_RESOURCE_DISCOVERY_QUERY); } cbData.cb = discoveryReqCB; cbData.context = (void*)DEFAULT_CONTEXT_VALUE; @@ -546,7 +546,7 @@ void printResourceList() OC_LOG_V(INFO, TAG, "port = %s", iter->port); switch (iter->connType & CT_MASK_ADAPTER) { - case CT_ADAPTER_IP: + case OC_ADAPTER_IP: OC_LOG(INFO, TAG, "connType = Default (IPv4)"); break; case OC_ADAPTER_GATT_BTLE: diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientcoll.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientcoll.cpp index 94e9e14..9e39ab7 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientcoll.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientcoll.cpp @@ -276,7 +276,9 @@ int InitObserveRequest(OCClientResponse * clientResponse) cbData.context = (void*)DEFAULT_CONTEXT_VALUE; cbData.cd = NULL; OC_LOG_V(INFO, TAG, "OBSERVE payload from client ="); - OC_LOG_PAYLOAD(INFO, TAG, putPayload()); + OCPayload* payload = putPayload(); + OC_LOG_PAYLOAD(INFO, TAG, payload); + OCPayloadDestroy(payload); ret = OCDoResource(&handle, OC_REST_OBSERVE, obsReg.str().c_str(), 0, 0, OC_CONNTYPE, OC_LOW_QOS, &cbData, NULL, 0); @@ -305,7 +307,9 @@ int InitPutRequest(OCClientResponse * clientResponse) cbData.context = (void*)DEFAULT_CONTEXT_VALUE; cbData.cd = NULL; OC_LOG_V(INFO, TAG, "PUT payload from client = "); - OC_LOG_PAYLOAD(INFO, TAG, putPayload()); + OCPayload* payload = putPayload(); + OC_LOG_PAYLOAD(INFO, TAG, payload); + OCPayloadDestroy(payload); ret = OCDoResource(NULL, OC_REST_PUT, getQuery.str().c_str(), 0, putPayload(), OC_CONNTYPE, OC_LOW_QOS, &cbData, NULL, 0); @@ -385,7 +389,7 @@ int main(int argc, char* argv[]) } } if ((TEST <= TEST_INVALID || TEST >= MAX_TESTS) || - (CONNECTIVITY < CT_ADAPTER_DEFAULT || CONNECTIVITY >= MAX_CT)) + CONNECTIVITY >= MAX_CT) { PrintUsage(); return -1; diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp index e875cf2..aed6f4b 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/occlientslow.cpp @@ -28,6 +28,7 @@ #include "ocstack.h" #include "logger.h" #include "occlientslow.h" +#include "oic_string.h" #include "ocpayload.h" // Tracking user input @@ -236,7 +237,7 @@ int InitDiscovery() } else { - strcpy(szQueryUri, MULTICAST_RESOURCE_DISCOVERY_QUERY); + OICStrcpy(szQueryUri, sizeof(szQueryUri), MULTICAST_RESOURCE_DISCOVERY_QUERY); } cbData.cb = discoveryReqCB; cbData.context = (void*)DEFAULT_CONTEXT_VALUE; diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverbasicops.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverbasicops.cpp index e389865..0e93500 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverbasicops.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverbasicops.cpp @@ -225,7 +225,7 @@ OCEntityHandlerCb (OCEntityHandlerFlag flag, OC_LOG_V (INFO, TAG, "Inside entity handler - flags: 0x%x", flag); OCEntityHandlerResult ehResult = OC_EH_ERROR; - OCEntityHandlerResponse response; + OCEntityHandlerResponse response = {}; // Validate pointer if (!entityHandlerRequest) diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/ocservercoll.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/ocservercoll.cpp index d3fed5a..45f67c4 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/ocservercoll.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/ocservercoll.cpp @@ -160,7 +160,6 @@ OCEntityHandlerResult OCEntityHandlerRoomCb(OCEntityHandlerFlag flag, { OCEntityHandlerResult ret = OC_EH_OK; OCEntityHandlerResponse response; - OCRepPayload* payload = OCRepPayloadCreate(); OC_LOG_V(INFO, TAG, "Callback for Room"); PrintReceivedMsgInfo(flag, ehRequest ); @@ -168,6 +167,7 @@ OCEntityHandlerResult OCEntityHandlerRoomCb(OCEntityHandlerFlag flag, if(ehRequest && flag == OC_REQUEST_FLAG ) { std::string query = (const char*)ehRequest->query; + OCRepPayload* payload = OCRepPayloadCreate(); if(OC_REST_GET == ehRequest->method) { @@ -311,6 +311,7 @@ OCEntityHandlerResult OCEntityHandlerRoomCb(OCEntityHandlerFlag flag, { OC_LOG_V (INFO, TAG, "Received unsupported method %d from client", ehRequest->method); + OCRepPayloadDestroy(payload); ret = OC_EH_ERROR; } } @@ -326,13 +327,13 @@ OCEntityHandlerResult OCEntityHandlerLightCb(OCEntityHandlerFlag flag, { OCEntityHandlerResult ret = OC_EH_OK; OCEntityHandlerResponse response; - OCRepPayload* payload = OCRepPayloadCreate(); OC_LOG_V(INFO, TAG, "Callback for Light"); PrintReceivedMsgInfo(flag, ehRequest ); if(ehRequest && flag == OC_REQUEST_FLAG) { + OCRepPayload* payload = OCRepPayloadCreate(); if(OC_REST_GET == ehRequest->method) { OCRepPayloadSetUri(payload, gLightResourceUri); @@ -373,6 +374,10 @@ OCEntityHandlerResult OCEntityHandlerLightCb(OCEntityHandlerFlag flag, ret = OC_EH_ERROR; } } + else + { + OCRepPayloadDestroy(payload); + } } else if (ehRequest && flag == OC_OBSERVE_FLAG) { @@ -387,13 +392,14 @@ OCEntityHandlerResult OCEntityHandlerFanCb(OCEntityHandlerFlag flag, { OCEntityHandlerResult ret = OC_EH_OK; OCEntityHandlerResponse response; - OCRepPayload* payload = OCRepPayloadCreate(); OC_LOG_V(INFO, TAG, "Callback for Fan"); PrintReceivedMsgInfo(flag, ehRequest ); if(ehRequest && flag == OC_REQUEST_FLAG) { + OCRepPayload* payload = OCRepPayloadCreate(); + if(OC_REST_GET == ehRequest->method) { OCRepPayloadSetUri(payload, gFanResourceUri); @@ -434,6 +440,7 @@ OCEntityHandlerResult OCEntityHandlerFanCb(OCEntityHandlerFlag flag, ret = OC_EH_ERROR; } } + OCRepPayloadDestroy(payload); } else if (ehRequest && flag == OC_OBSERVE_FLAG) diff --git a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverslow.cpp b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverslow.cpp index 99a0b52..fed8f34 100644 --- a/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverslow.cpp +++ b/resource/csdk/stack/samples/linux/SimpleClientServer/ocserverslow.cpp @@ -28,6 +28,7 @@ #include #include "ocstack.h" #include "oic_malloc.h" +#include "oic_string.h" #include "logger.h" #include "cJSON.h" #include "ocserverslow.h" @@ -154,11 +155,13 @@ OCEntityHandlerRequest *CopyRequest(OCEntityHandlerRequest *entityHandlerRequest if (copyOfRequest->query) { - // Do deep copy of query - copyOfRequest->query = (char *) OICMalloc( - strlen((const char *)entityHandlerRequest->query) + 1); - - strcpy((char *)copyOfRequest->query, (const char *)entityHandlerRequest->query); + copyOfRequest->query = OICStrdup(entityHandlerRequest->query); + if(!copyOfRequest->query) + { + OC_LOG(ERROR, TAG, "Copy failed due to allocation failure"); + OICFree(copyOfRequest); + return NULL; + } } if (entityHandlerRequest->payload) diff --git a/resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp b/resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp index dd84fc3..d56a790 100644 --- a/resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp +++ b/resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp @@ -29,6 +29,7 @@ #include "logger.h" #include "occlientbasicops.h" #include "ocpayload.h" +#include "oic_string.h" #include "common.h" #define TAG "occlientbasicops" @@ -282,7 +283,7 @@ int InitDiscovery() { //Send discovery request on Wifi and Ethernet interface discoveryReqConnType = CT_DEFAULT; - strcpy(szQueryUri, MULTICAST_DISCOVERY_QUERY); + OICStrcpy(szQueryUri, sizeof(szQueryUri), MULTICAST_DISCOVERY_QUERY); method = OC_REST_DISCOVER; } diff --git a/resource/csdk/stack/samples/linux/secure/ocserverbasicops.cpp b/resource/csdk/stack/samples/linux/secure/ocserverbasicops.cpp index 6e212fe..37df0ac 100644 --- a/resource/csdk/stack/samples/linux/secure/ocserverbasicops.cpp +++ b/resource/csdk/stack/samples/linux/secure/ocserverbasicops.cpp @@ -231,7 +231,7 @@ OCEntityHandlerCb (OCEntityHandlerFlag flag, OC_LOG_V (INFO, TAG, "Inside entity handler - flags: 0x%x", flag); OCEntityHandlerResult ehResult = OC_EH_ERROR; - OCEntityHandlerResponse response; + OCEntityHandlerResponse response = {}; // Validate pointer if (!entityHandlerRequest) diff --git a/resource/csdk/stack/src/ocobserve.c b/resource/csdk/stack/src/ocobserve.c index 201dac8..f587d74 100644 --- a/resource/csdk/stack/src/ocobserve.c +++ b/resource/csdk/stack/src/ocobserve.c @@ -163,6 +163,7 @@ OCStackResult SendAllObserverNotification (OCMethod method, OCResource *resPtr, FindAndDeleteServerRequest(request); } } + OCPayloadDestroy(ehRequest.payload); } } #ifdef WITH_PRESENCE diff --git a/resource/csdk/stack/src/ocpayload.c b/resource/csdk/stack/src/ocpayload.c index afb8700..7b9b9a3 100644 --- a/resource/csdk/stack/src/ocpayload.c +++ b/resource/csdk/stack/src/ocpayload.c @@ -30,6 +30,7 @@ #define TAG "OCPayload" static void OCFreeRepPayloadValueContents(OCRepPayloadValue* val); +static void FreeOCDiscoveryResource(OCResourcePayload* payload); void OCPayloadDestroy(OCPayload* payload) { @@ -292,7 +293,17 @@ static OCRepPayloadValue* OCRepPayloadFindAndSetValue(OCRepPayload* payload, con if(val == NULL) { payload->values = (OCRepPayloadValue*)OICCalloc(1, sizeof(OCRepPayloadValue)); + if(!payload->values) + { + return NULL; + } payload->values->name = OICStrdup(name); + if(!payload->values->name) + { + OICFree(payload->values); + payload->values = NULL; + return NULL; + } payload->values->type =type; return payload->values; } @@ -308,7 +319,17 @@ static OCRepPayloadValue* OCRepPayloadFindAndSetValue(OCRepPayload* payload, con else if(val->next == NULL) { val->next = (OCRepPayloadValue*)OICCalloc(1, sizeof(OCRepPayloadValue)); + if(!val->next) + { + return NULL; + } val->next->name = OICStrdup(name); + if(!val->next->name) + { + OICFree(val->next); + val->next = NULL; + return NULL; + } val->next->type =type; return val->next; } @@ -1079,7 +1100,7 @@ OCDiscoveryPayload* OCDiscoveryPayloadCreate() return payload; } -OCSecurityPayload* OCSecurityPayloadCreate(char* securityData) +OCSecurityPayload* OCSecurityPayloadCreate(const char* securityData) { OCSecurityPayload* payload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload)); @@ -1143,6 +1164,11 @@ static OCResourcePayload* OCCopyResource(const OCResource* res, uint16_t port) pl->uri = OICStrdup(res->uri); pl->sid = (uint8_t*)OICCalloc(1, UUID_SIZE); + if(!pl->uri || ! pl->sid) + { + FreeOCDiscoveryResource(pl); + return NULL; + } memcpy(pl->sid, OCGetServerInstanceID(), UUID_SIZE); // types @@ -1151,14 +1177,34 @@ static OCResourcePayload* OCCopyResource(const OCResource* res, uint16_t port) if(typePtr != NULL) { pl->types = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); + if(!pl->types) + { + FreeOCDiscoveryResource(pl); + return NULL; + } pl->types->value = OICStrdup(typePtr->resourcetypename); + if(!pl->types->value) + { + FreeOCDiscoveryResource(pl); + return NULL; + } OCStringLL* cur = pl->types; typePtr = typePtr->next; while(typePtr) { cur->next = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); + if(!cur->next) + { + FreeOCDiscoveryResource(pl); + return NULL; + } cur->next->value = OICStrdup(typePtr->resourcetypename); + if(!cur->next->value) + { + FreeOCDiscoveryResource(pl); + return NULL; + } cur = cur->next; typePtr = typePtr->next; } @@ -1169,14 +1215,34 @@ static OCResourcePayload* OCCopyResource(const OCResource* res, uint16_t port) if(ifPtr != NULL) { pl->interfaces = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); + if(!pl->interfaces) + { + FreeOCDiscoveryResource(pl); + return NULL; + } pl->interfaces->value = OICStrdup(ifPtr->name); + if(!pl->interfaces->value) + { + FreeOCDiscoveryResource(pl); + return NULL; + } OCStringLL* cur = pl->interfaces; ifPtr = ifPtr->next; while(ifPtr) { cur->next = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); + if(!cur->next) + { + FreeOCDiscoveryResource(pl); + return NULL; + } cur->next->value = OICStrdup(ifPtr->name); + if(!cur->next->value) + { + FreeOCDiscoveryResource(pl); + return NULL; + } cur = cur->next; ifPtr = ifPtr->next; } @@ -1212,7 +1278,7 @@ void OCDiscoveryPayloadAddNewResource(OCDiscoveryPayload* payload, OCResourcePay } } -void FreeOCDiscoveryResource(OCResourcePayload* payload) +static void FreeOCDiscoveryResource(OCResourcePayload* payload) { if(!payload) { diff --git a/resource/csdk/stack/src/ocpayloadconvert.c b/resource/csdk/stack/src/ocpayloadconvert.c index 3b6bd02..40c8399 100644 --- a/resource/csdk/stack/src/ocpayloadconvert.c +++ b/resource/csdk/stack/src/ocpayloadconvert.c @@ -152,6 +152,13 @@ static OCStackResult OCConvertDiscoveryPayload(OCDiscoveryPayload* payload, uint { CborEncoder map; OCResourcePayload* resource = OCDiscoveryPayloadGetResource(payload, i); + + if(!resource) + { + OICFree(*outPayload); + return OC_STACK_INVALID_PARAM; + } + err = err || cbor_encoder_create_map(&rootArray, &map, 3); // Uri err = err || AddTextStringToMap(&map, OC_RSRVD_HREF, diff --git a/resource/csdk/stack/src/ocpayloadparse.c b/resource/csdk/stack/src/ocpayloadparse.c index 34e940c..6a67bd2 100644 --- a/resource/csdk/stack/src/ocpayloadparse.c +++ b/resource/csdk/stack/src/ocpayloadparse.c @@ -59,7 +59,7 @@ OCStackResult OCParsePayload(OCPayload** outPayload, const uint8_t* payload, siz // enter the array err = err || cbor_value_enter_container(&rootValue, &arrayValue); - int payloadType; + int payloadType = 0; err = err || cbor_value_get_int(&arrayValue, &payloadType); err = err || cbor_value_advance_fixed(&arrayValue); @@ -171,6 +171,7 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* if(!resource) { OC_LOG_V(ERROR, TAG, "Memory allocation failed"); + OCDiscoveryPayloadDestroy(out); return OC_STACK_NO_MEMORY; } CborValue curVal; @@ -203,27 +204,38 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* llPtr = resource->types; if(!llPtr) { - OC_LOG_V(ERROR, TAG, "Memory allocation failed"); + OC_LOG(ERROR, TAG, PCF("Memory allocation failed")); OICFree(resource->uri); OICFree(resource->sid); OICFree(resource); + OCDiscoveryPayloadDestroy(out); return OC_STACK_NO_MEMORY; } } - else + else if(llPtr) { llPtr->next = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); llPtr = llPtr->next; if(!llPtr) { - OC_LOG_V(ERROR, TAG, "Memory allocation failed"); + OC_LOG(ERROR, TAG, PCF("Memory allocation failed")); OICFree(resource->uri); OICFree(resource->sid); OCFreeOCStringLL(resource->types); OICFree(resource); + OCDiscoveryPayloadDestroy(out); return OC_STACK_NO_MEMORY; } - + } + else + { + OC_LOG(ERROR, TAG, PCF("Unknown state in resource type copying")); + OICFree(resource->uri); + OICFree(resource->sid); + OCFreeOCStringLL(resource->types); + OICFree(resource); + OCDiscoveryPayloadDestroy(out); + return OC_STACK_NO_MEMORY; } err = err || cbor_value_dup_text_string(&rtVal, &(llPtr->value), &len, NULL); @@ -252,10 +264,11 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* OICFree(resource->sid); OCFreeOCStringLL(resource->types); OICFree(resource); + OCDiscoveryPayloadDestroy(out); return OC_STACK_NO_MEMORY; } } - else + else if (llPtr) { llPtr->next = (OCStringLL*)OICCalloc(1, sizeof(OCStringLL)); llPtr = llPtr->next; @@ -267,9 +280,20 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* OCFreeOCStringLL(resource->types); OCFreeOCStringLL(resource->interfaces); OICFree(resource); + OCDiscoveryPayloadDestroy(out); return OC_STACK_NO_MEMORY; } } + else + { + OC_LOG(ERROR, TAG, PCF("Unknown state in resource interfaces copying")); + OICFree(resource->uri); + OICFree(resource->sid); + OCFreeOCStringLL(resource->types); + OICFree(resource); + OCDiscoveryPayloadDestroy(out); + return OC_STACK_NO_MEMORY; + } err = err || cbor_value_dup_text_string(&ifVal, &(llPtr->value), &len, NULL); err = err || cbor_value_advance(&ifVal); @@ -305,7 +329,7 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* } } - err = err || cbor_value_advance(arrayVal); + err = err || cbor_value_advance(arrayVal); if(err) { OICFree(resource->uri); @@ -321,9 +345,16 @@ static OCStackResult OCParseDiscoveryPayload(OCPayload** outPayload, CborValue* OCDiscoveryPayloadAddNewResource(out, resource); } - *outPayload = (OCPayload*)out; - - return OC_STACK_OK; + if(err) + { + OCDiscoveryPayloadDestroy(out); + return OC_STACK_MALFORMED_RESPONSE; + } + else + { + *outPayload = (OCPayload*)out; + return OC_STACK_OK; + } } static OCStackResult OCParseDevicePayload(OCPayload** outPayload, CborValue* arrayVal) @@ -557,85 +588,112 @@ static bool OCParseArray(OCRepPayload* out, const char* name, CborValue* contain { case OCREP_PROP_INT: arr = (int64_t*)OICMalloc(dimTotal * sizeof(int64_t)); - for(size_t i = 0; i < dimTotal && !err; ++i) + if (arr) { - err = err || cbor_value_get_int64(&insideArray, &(((int64_t*)arr)[i])); - err = err || cbor_value_advance_fixed(&insideArray); + for(size_t i = 0; i < dimTotal && !err; ++i) + { + err = err || cbor_value_get_int64(&insideArray, &(((int64_t*)arr)[i])); + err = err || cbor_value_advance_fixed(&insideArray); + } + if(err || !OCRepPayloadSetIntArrayAsOwner(out, name, (int64_t*)arr, dimensions)) + { + OICFree(arr); + err = true; + } } - if(!err && - OCRepPayloadSetIntArrayAsOwner(out, name, (int64_t*)arr, dimensions)) - {} else { - err = CborUnknownError; + err = true; } break; case OCREP_PROP_DOUBLE: arr = (double*)OICMalloc(dimTotal * sizeof(double)); - for(size_t i = 0; i < dimTotal && !err; ++i) + if(arr) { - err = err || cbor_value_get_double(&insideArray, &(((double*)arr)[i])); - err = err || cbor_value_advance_fixed(&insideArray); + for(size_t i = 0; i < dimTotal && !err; ++i) + { + err = err || cbor_value_get_double(&insideArray, &(((double*)arr)[i])); + err = err || cbor_value_advance_fixed(&insideArray); + } + if(err || !OCRepPayloadSetDoubleArrayAsOwner(out, name, (double*)arr, dimensions)) + { + OICFree(arr); + err = true; + } } - if(!err && - OCRepPayloadSetDoubleArrayAsOwner(out, name, (double*)arr, dimensions)) - {} else { - err = CborUnknownError; + err = true; } break; case OCREP_PROP_BOOL: arr = (bool*)OICMalloc(dimTotal * sizeof(bool)); - for(size_t i = 0; i < dimTotal && !err; ++i) + if(arr) { - err = err || cbor_value_get_boolean(&insideArray, &(((bool*)arr)[i])); - err = err || cbor_value_advance_fixed(&insideArray); + for(size_t i = 0; i < dimTotal && !err; ++i) + { + err = err || cbor_value_get_boolean(&insideArray, &(((bool*)arr)[i])); + err = err || cbor_value_advance_fixed(&insideArray); + } + if(err && !OCRepPayloadSetBoolArrayAsOwner(out, name, (bool*)arr, dimensions)) + { + OICFree(arr); + err = true; + } } - if(!err && - OCRepPayloadSetBoolArrayAsOwner(out, name, (bool*)arr, dimensions)) - {} else { - err = CborUnknownError; + err = true; } break; case OCREP_PROP_STRING: arr = (char**)OICMalloc(dimTotal * sizeof(char*)); - for(size_t i = 0; i < dimTotal && !err; ++i) + if(arr) { - err = err || cbor_value_dup_text_string(&insideArray, &tempStr, &len, NULL); - ((char**) arr)[i] = tempStr; - err = err || cbor_value_advance(&insideArray); + for(size_t i = 0; i < dimTotal && !err; ++i) + { + err = err || cbor_value_dup_text_string(&insideArray, &tempStr, + &len, NULL); + err = err || cbor_value_advance(&insideArray); + ((char**)arr)[i] = tempStr; + } + if(err || !OCRepPayloadSetStringArrayAsOwner(out, name, (char**)arr, dimensions)) + { + OICFree(arr); + err = true; + } } - if(!err && - OCRepPayloadSetStringArrayAsOwner(out, name, (char**)arr, dimensions)) - {} else { - err = CborUnknownError; + err = true; } break; case OCREP_PROP_OBJECT: arr = (OCRepPayload**)OICMalloc(dimTotal * sizeof(OCRepPayload*)); - for(size_t i = 0; i < dimTotal && !err; ++i) + if(arr) { - pl = NULL; - err = err || OCParseSingleRepPayload(&pl, &insideArray); - ((OCRepPayload**)arr)[i] = pl; - err = err || cbor_value_advance(&insideArray); + for(size_t i = 0; i < dimTotal && !err; ++i) + { + pl = NULL; + err = err || OCParseSingleRepPayload(&pl, &insideArray); + err = err || cbor_value_advance(&insideArray); + ((OCRepPayload**)arr)[i] = pl; + } + if(err || !OCRepPayloadSetPropObjectArrayAsOwner(out, name, + (OCRepPayload**)arr, dimensions)) + { + OICFree(arr); + err = true; + } } - if(!err && - OCRepPayloadSetPropObjectArrayAsOwner(out, name, (OCRepPayload**)arr, dimensions)) - {} else { - err = CborUnknownError; + err = true; } break; default: OC_LOG(ERROR, TAG, "Invalid Array type in Parse Array"); - err = CborUnknownError; + err = true; break; } @@ -664,7 +722,7 @@ static bool OCParseSingleRepPayload(OCRepPayload** outPayload, CborValue* repPar err = err || cbor_value_map_find_value(repParent, OC_RSRVD_PROPERTY, &curVal); if(cbor_value_is_valid(&curVal)) { - CborValue insidePropArray; + CborValue insidePropArray = {}; err = err || cbor_value_map_find_value(&curVal, OC_RSRVD_RESOURCE_TYPE, &insidePropArray); @@ -724,27 +782,42 @@ static bool OCParseSingleRepPayload(OCRepPayload** outPayload, CborValue* repPar switch(cbor_value_get_type(&repMap)) { case CborNullType: - OCRepPayloadSetNull(curPayload, name); + err = !OCRepPayloadSetNull(curPayload, name); break; case CborIntegerType: err = err || cbor_value_get_int64(&repMap, &intval); - OCRepPayloadSetPropInt(curPayload, name, intval); + if (!err) + { + err = !OCRepPayloadSetPropInt(curPayload, name, intval); + } break; case CborDoubleType: err = err || cbor_value_get_double(&repMap, &doubleval); - OCRepPayloadSetPropDouble(curPayload, name, doubleval); + if (!err) + { + err = !OCRepPayloadSetPropDouble(curPayload, name, doubleval); + } break; case CborBooleanType: err = err || cbor_value_get_boolean(&repMap, &boolval); - OCRepPayloadSetPropBool(curPayload, name, boolval); + if (!err) + { + err = !OCRepPayloadSetPropBool(curPayload, name, boolval); + } break; case CborTextStringType: err = err || cbor_value_dup_text_string(&repMap, &strval, &len, NULL); - OCRepPayloadSetPropStringAsOwner(curPayload, name, strval); + if (!err) + { + err = !OCRepPayloadSetPropStringAsOwner(curPayload, name, strval); + } break; case CborMapType: err = err || OCParseSingleRepPayload(&pl, &repMap); - OCRepPayloadSetPropObjectAsOwner(curPayload, name, pl); + if (!err) + { + err = !OCRepPayloadSetPropObjectAsOwner(curPayload, name, pl); + } break; case CborArrayType: err = err || OCParseArray(curPayload, name, &repMap); @@ -817,16 +890,16 @@ static OCStackResult OCParsePresencePayload(OCPayload** outPayload, CborValue* a CborValue curVal; // Sequence Number - err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_NONCE, &curVal); - err = err || cbor_value_get_uint64(&curVal, &seqNum); + err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_NONCE, &curVal); + err = err || cbor_value_get_uint64(&curVal, &seqNum); // Max Age - err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_TTL, &curVal); - err = err || cbor_value_get_uint64(&curVal, &maxAge); + err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_TTL, &curVal); + err = err || cbor_value_get_uint64(&curVal, &maxAge); // Trigger - err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_TRIGGER, &curVal); - err = err || cbor_value_dup_text_string(&curVal, &tempStr, &len, NULL); + err = err || cbor_value_map_find_value(arrayVal, OC_RSRVD_TRIGGER, &curVal); + err = err || cbor_value_dup_text_string(&curVal, &tempStr, &len, NULL); trigger = convertTriggerStringToEnum(tempStr); OICFree(tempStr); tempStr = NULL; diff --git a/resource/csdk/stack/src/ocresource.c b/resource/csdk/stack/src/ocresource.c index 5f64f10..3945196 100644 --- a/resource/csdk/stack/src/ocresource.c +++ b/resource/csdk/stack/src/ocresource.c @@ -706,6 +706,7 @@ HandleDefaultDeviceEntityHandler (OCServerRequest *request) } result = EntityHandlerCodeToOCStackCode(ehResult); exit: + OCPayloadDestroy(ehRequest.payload); return result; } @@ -827,6 +828,7 @@ HandleResourceWithEntityHandler (OCServerRequest *request, } result = EntityHandlerCodeToOCStackCode(ehResult); exit: + OCPayloadDestroy(ehRequest.payload); return result; } @@ -854,12 +856,13 @@ HandleCollectionResourceDefaultEntityHandler (OCServerRequest *request, request->rcvdVendorSpecificHeaderOptions, (OCObserveAction)request->observationOption, (OCObservationId)0); - if(result != OC_STACK_OK) + if(result == OC_STACK_OK) { - return result; + result = DefaultCollectionEntityHandler (OC_REQUEST_FLAG, &ehRequest); } - return (DefaultCollectionEntityHandler (OC_REQUEST_FLAG, &ehRequest)); + OCPayloadDestroy(ehRequest.payload); + return result; } OCStackResult diff --git a/resource/csdk/stack/src/ocserverrequest.c b/resource/csdk/stack/src/ocserverrequest.c index 02883a0..215222a 100644 --- a/resource/csdk/stack/src/ocserverrequest.c +++ b/resource/csdk/stack/src/ocserverrequest.c @@ -515,6 +515,7 @@ OCStackResult HandleSingleResponse(OCEntityHandlerResponse * ehResponse) != OC_STACK_OK) { OC_LOG(ERROR, TAG, "Error converting payload"); + OICFree(responseInfo.info.options); return result; } @@ -522,6 +523,7 @@ OCStackResult HandleSingleResponse(OCEntityHandlerResponse * ehResponse) { OICFree(responseInfo.info.payload); OC_LOG(ERROR, TAG, "Payload too long!"); + OICFree(responseInfo.info.options); return OC_STACK_INVALID_PARAM; } } @@ -657,7 +659,6 @@ OCStackResult HandleAggregateResponse(OCEntityHandlerResponse * ehResponse) if(!serverResponse->payload) { - serverResponse->payload = (OCPayload*)OCRepPayloadCreate(); serverResponse->payload = ehResponse->payload; } else diff --git a/resource/csdk/stack/src/ocstack.c b/resource/csdk/stack/src/ocstack.c index bc806fe..c5ffe33 100644 --- a/resource/csdk/stack/src/ocstack.c +++ b/resource/csdk/stack/src/ocstack.c @@ -397,8 +397,7 @@ void CopyEndpointToDevAddr(const CAEndpoint_t *in, OCDevAddr *out) out->adapter = (OCTransportAdapter)in->adapter; out->flags = CAToOCTransportFlags(in->flags); - strncpy(out->addr, in->addr, MAX_ADDR_STR_SIZE); - out->addr[MAX_ADDR_STR_SIZE - 1] = '\0'; + OICStrcpy(out->addr, sizeof(out->addr), in->addr); out->port = in->port; } @@ -409,7 +408,7 @@ void CopyDevAddrToEndpoint(const OCDevAddr *in, CAEndpoint_t *out) out->adapter = (CATransportAdapter_t)in->adapter; out->flags = OCToCATransportFlags(in->flags); - strncpy(out->addr, in->addr, MAX_ADDR_STR_SIZE); + OICStrcpy(out->addr, sizeof(out->addr), in->addr); out->port = in->port; } @@ -430,7 +429,7 @@ static OCStackResult OCCreateEndpoint(OCDevAddr *devAddr, CAEndpoint_t **endpoin ep->adapter = CA_ADAPTER_IP; } ep->flags = OCToCATransportFlags(devAddr->flags); - strncpy(ep->addr, devAddr->addr, MAX_ADDR_STR_SIZE_CA); + OICStrcpy(ep->addr, sizeof(ep->addr), devAddr->addr); ep->port = devAddr->port; *endpoint = ep; @@ -728,7 +727,11 @@ const char *convertTriggerEnumToString(OCPresenceTrigger trigger) OCPresenceTrigger convertTriggerStringToEnum(const char * triggerStr) { - if(strcmp(triggerStr, OC_RSRVD_TRIGGER_CREATE) == 0) + if(!triggerStr) + { + return OC_PRESENCE_TRIGGER_CREATE; + } + else if(strcmp(triggerStr, OC_RSRVD_TRIGGER_CREATE) == 0) { return OC_PRESENCE_TRIGGER_CREATE; } @@ -754,7 +757,6 @@ static int FormCanonicalPresenceUri(const CAEndpoint_t *endpoint, char *resource VERIFY_NON_NULL(resourceUri, FATAL, OC_STACK_INVALID_PARAM); VERIFY_NON_NULL(presenceUri, FATAL, OC_STACK_INVALID_PARAM); - const char *format; CAEndpoint_t *ep = (CAEndpoint_t *)endpoint; if (ep->adapter == CA_ADAPTER_IP) @@ -767,7 +769,8 @@ static int FormCanonicalPresenceUri(const CAEndpoint_t *endpoint, char *resource } else { - format = "coap://[%s]:%u%s"; + return snprintf(presenceUri, CA_MAX_URI_LENGTH, "coap://[%s]:%u%s", + ep->addr, ep->port, OC_RSRVD_PRESENCE_URI); } } else @@ -777,15 +780,13 @@ static int FormCanonicalPresenceUri(const CAEndpoint_t *endpoint, char *resource OICStrcpy(ep->addr, sizeof(ep->addr), OC_MULTICAST_IP); ep->port = OC_MULTICAST_PORT; } - format = "coap://%s:%u%s"; + return snprintf(presenceUri, CA_MAX_URI_LENGTH, "coap://%s:%u%s", + ep->addr, ep->port, OC_RSRVD_PRESENCE_URI); } - return snprintf(presenceUri, CA_MAX_URI_LENGTH, format, ep->addr, - ep->port, OC_RSRVD_PRESENCE_URI); } // might work for other adapters (untested, but better than nothing) - format = "coap://%s%s"; - return snprintf(presenceUri, CA_MAX_URI_LENGTH, format, ep->addr, + return snprintf(presenceUri, CA_MAX_URI_LENGTH, "coap://%s%s", ep->addr, OC_RSRVD_PRESENCE_URI); } @@ -799,7 +800,7 @@ OCStackResult HandlePresenceResponse(const CAEndpoint_t *endpoint, OCStackApplicationResult cbResult = OC_STACK_DELETE_TRANSACTION; ClientCB * cbNode = NULL; char *resourceTypeName = NULL; - OCClientResponse response; + OCClientResponse response = {}; OCStackResult result = OC_STACK_ERROR; uint32_t maxAge = 0; int uriLen; @@ -859,11 +860,17 @@ OCStackResult HandlePresenceResponse(const CAEndpoint_t *endpoint, result = OCParsePayload(&response.payload, responseInfo->info.payload, responseInfo->info.payloadSize); - if(result != OC_STACK_OK || response.payload->type != PAYLOAD_TYPE_PRESENCE) + if(result != OC_STACK_OK) { OC_LOG(ERROR, TAG, PCF("Presence parse failed")); goto exit; } + if(!response.payload || response.payload->type != PAYLOAD_TYPE_PRESENCE) + { + OC_LOG(ERROR, TAG, PCF("Presence payload was wrong type")); + result = OC_STACK_ERROR; + goto exit; + } response.sequenceNumber = ((OCPresencePayload*)response.payload)->sequenceNumber; resourceTypeName = ((OCPresencePayload*)response.payload)->resourceType; maxAge = ((OCPresencePayload*)response.payload)->maxAge; @@ -990,6 +997,7 @@ OCStackResult HandlePresenceResponse(const CAEndpoint_t *endpoint, exit: OICFree(resourceTypeName); + OCPayloadDestroy(response.payload); return result; } @@ -1061,6 +1069,7 @@ void HandleCAResponses(const CAEndpoint_t* endPoint, const CAResponseInfo_t* res responseInfo->info.payloadSize)) { OC_LOG(ERROR, TAG, PCF("Error converting payload")); + OCPayloadDestroy(response.payload); return; } @@ -1084,6 +1093,7 @@ void HandleCAResponses(const CAEndpoint_t* endPoint, const CAResponseInfo_t* res if(response.numRcvdVendorSpecificHeaderOptions > MAX_HEADER_OPTIONS) { OC_LOG(ERROR, TAG, PCF("#header options are more than MAX_HEADER_OPTIONS")); + OCPayloadDestroy(response.payload); return; } @@ -1118,7 +1128,6 @@ void HandleCAResponses(const CAEndpoint_t* endPoint, const CAResponseInfo_t* res cbNode->TTL = GetTicks(MAX_CB_TIMEOUT_SECONDS * MILLISECONDS_PER_SECOND); } - OCPayloadDestroy(response.payload); } //Need to send ACK when the response is CON @@ -1127,6 +1136,8 @@ void HandleCAResponses(const CAEndpoint_t* endPoint, const CAResponseInfo_t* res SendDirectStackResponse(endPoint, responseInfo->info.messageId, CA_EMPTY, CA_MSG_ACKNOWLEDGE, 0, NULL, NULL, 0); } + + OCPayloadDestroy(response.payload); } return; } @@ -1190,6 +1201,7 @@ void HandleCAResponses(const CAEndpoint_t* endPoint, const CAResponseInfo_t* res responseInfo->info.messageId); } } + return; } @@ -1280,7 +1292,7 @@ void HandleCARequests(const CAEndpoint_t* endPoint, const CARequestInfo_t* reque requestResult = getQueryFromUri(requestInfo->info.resourceUri, &query, &uriWithoutQuery); - if (requestResult != OC_STACK_OK) + if (requestResult != OC_STACK_OK || !uriWithoutQuery) { OC_LOG_V(ERROR, TAG, "getQueryFromUri() failed with OC error code %d\n", requestResult); return; @@ -1946,13 +1958,12 @@ static OCStackResult OCPreparePresence(CAEndpoint_t *endpoint, FormCanonicalPresenceUri(endpoint, resourceUri, uri); - *requestUri = (char *)OICMalloc(strlen(uri) + 1); + *requestUri = OICStrdup(uri); if (!*requestUri) { return OC_STACK_NO_MEMORY; } - strcpy(*requestUri, uri); return OC_STACK_OK; } @@ -2088,6 +2099,7 @@ OCStackResult OCDoResource(OCDoHandle *handle, if (caResult != CA_STATUS_OK) { OC_LOG(ERROR, TAG, PCF("CAGenerateToken error")); + result= OC_STACK_ERROR; goto exit; } diff --git a/resource/csdk/stack/src/oicgroup.c b/resource/csdk/stack/src/oicgroup.c index 4068852..d5f9f83 100644 --- a/resource/csdk/stack/src/oicgroup.c +++ b/resource/csdk/stack/src/oicgroup.c @@ -25,6 +25,7 @@ #include "oicgroup.h" #include "cJSON.h" #include "oic_malloc.h" +#include "oic_string.h" #include "occollection.h" #include "logger.h" #include "timer.h" @@ -623,7 +624,7 @@ OCStackResult BuildActionSetFromString(OCActionSet **set, char* actiondesc) iterToken = (char *) strtok_r(NULL, ACTION_DELIMITER, &iterTokenPtr); VARIFY_PARAM_NULL(iterToken, result, exit) #ifndef WITH_ARDUINO - sscanf(iterToken, "%ld %d", &(*set)->timesteps, &(*set)->type); + sscanf(iterToken, "%ld %u", &(*set)->timesteps, &(*set)->type); #endif OC_LOG_V(INFO, TAG, "ActionSet Name : %s", (*set)->actionsetName); @@ -662,6 +663,11 @@ OCStackResult BuildActionSetFromString(OCActionSet **set, char* actiondesc) { OC_LOG(INFO, TAG, PCF("Build OCAction Instance.")); + if(action) + { + OICFree(action->resourceUri); + OICFree(action); + } action = (OCAction*) OICMalloc(sizeof(OCAction)); VARIFY_POINTER_NULL(action, result, exit) memset(action, 0, sizeof(OCAction)); @@ -903,15 +909,8 @@ unsigned int GetNumOfTargetResource(OCAction *actionset) OCStackResult SendAction(OCDoHandle *handle, const char *targetUri, const unsigned char *action) { - OCCallbackData cbdata; - cbdata.cb = &ActionSetCB; - cbdata.cd = NULL; - cbdata.context = (void*)DEFAULT_CONTEXT_VALUE; - // TODO: disabled since this is no longer compatible return OC_STACK_NOTIMPL; - //return OCDoResource(handle, OC_REST_PUT, targetUri, - // NULL, (char *) action, CT_ADAPTER_IP, OC_NA_QOS, &cbdata, NULL, 0); } OCStackResult DoAction(OCResource* resource, OCActionSet* actionset, @@ -1022,6 +1021,10 @@ void DoScheduledGroupAction() #endif AddScheduledResource(&scheduleResourceList, schedule); } + else + { + OICFree(schedule); + } } } @@ -1046,9 +1049,6 @@ OCStackResult BuildCollectionGroupActionJSONResponse( size_t bufferLength = 0; unsigned char buffer[MAX_RESPONSE_LENGTH] = { 0 }; - unsigned char *bufferPtr = NULL; - - bufferPtr = buffer; OCResource * collResource = (OCResource *) ehRequest->resource; @@ -1120,7 +1120,7 @@ OCStackResult BuildCollectionGroupActionJSONResponse( jsonResponse = cJSON_Print(json); cJSON_Delete(json); - strcat((char *) bufferPtr, jsonResponse); + OICStrcat((char*)buffer, sizeof(buffer), jsonResponse); bufferLength = strlen((const char *) buffer); if (bufferLength > 0) @@ -1288,7 +1288,7 @@ OCStackResult BuildCollectionGroupActionJSONResponse( jsonResponse = cJSON_Print(json); cJSON_Delete(json); - strcat((char *) bufferPtr, jsonResponse); + OICStrcat((char*)buffer, sizeof(buffer), jsonResponse); bufferLength = strlen((const char *) buffer); if (bufferLength > 0) diff --git a/resource/examples/garageclient.cpp b/resource/examples/garageclient.cpp index 5a5af3f..2b9acf5 100644 --- a/resource/examples/garageclient.cpp +++ b/resource/examples/garageclient.cpp @@ -322,7 +322,7 @@ int main(int argc, char* argv[]) { std::cout << "Invalid connectivity type selected. Using default IP" << std::endl; } } - catch(std::exception& e) + catch(std::exception&) { std::cout << "Invalid input argument. Using IP as connectivity type" << std::endl; } diff --git a/resource/examples/groupserver.cpp b/resource/examples/groupserver.cpp index fd32467..e1ec55a 100644 --- a/resource/examples/groupserver.cpp +++ b/resource/examples/groupserver.cpp @@ -112,7 +112,7 @@ int main(int argc, char* argv[]) std::cout << "Invalid connectivity type selected. Using default IP" << std::endl; } } - catch(exception& e) + catch(exception&) { std::cout << "Invalid input argument. Using IP as connectivity type" << std::endl; } diff --git a/resource/examples/roomclient.cpp b/resource/examples/roomclient.cpp index 2765dfe..635699f 100644 --- a/resource/examples/roomclient.cpp +++ b/resource/examples/roomclient.cpp @@ -221,7 +221,7 @@ void foundResource(std::shared_ptr resource) } catch(std::exception& e) { - //log(e.what()); + std::cerr << "Exception caught in Found Resource: "<< e.what() <