From 91dfcd5a5d2cb20285504d787ee4a6135303891a Mon Sep 17 00:00:00 2001
From: Jan Breuer <jan.breuer@jaybee.cz>
Date: 周日, 15 5月 2016 20:01:44 +0800
Subject: [PATCH] Fix buffer overflow in SCPI_NumberToStr, SCPI_DoubleToStr and SCPI_FloatToStr
---
examples/test-tcp/main.c | 119 +++++++++++++++++++++++++++++++----------------------------
1 files changed, 63 insertions(+), 56 deletions(-)
diff --git a/examples/test-tcp/main.c b/examples/test-tcp/main.c
index 2336165..f1971c2 100644
--- a/examples/test-tcp/main.c
+++ b/examples/test-tcp/main.c
@@ -2,7 +2,7 @@
* Copyright (c) 2012-2013 Jan Breuer,
*
* All Rights Reserved
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
@@ -11,7 +11,7 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -28,10 +28,10 @@
/**
* @file main.c
* @date Thu Nov 15 10:58:45 UTC 2012
- *
+ *
* @brief TCP/IP SCPI Server
- *
- *
+ *
+ *
*/
#include <stdio.h>
@@ -44,30 +44,37 @@
#include <sys/ioctl.h>
#include <errno.h>
#include <arpa/inet.h>
+#include <unistd.h>
#include "scpi/scpi.h"
#include "../common/scpi-def.h"
size_t SCPI_Write(scpi_t * context, const char * data, size_t len) {
+ (void) context;
+
if (context->user_context != NULL) {
- int fd = *(int *)(context->user_context);
+ int fd = *(int *) (context->user_context);
return write(fd, data, len);
}
return 0;
}
-scpi_result_t SCPI_Flush(scpi_t * context) {
+scpi_result_t SCPI_Flush(scpi_t * context) {
+ (void) context;
+
return SCPI_RES_OK;
}
int SCPI_Error(scpi_t * context, int_fast16_t err) {
(void) context;
// BEEP
- fprintf(stderr, "**ERROR: %d, \"%s\"\r\n", (int32_t) err, SCPI_ErrorTranslate(err));
+ fprintf(stderr, "**ERROR: %d, \"%s\"\r\n", (int16_t) err, SCPI_ErrorTranslate(err));
return 0;
}
scpi_result_t SCPI_Control(scpi_t * context, scpi_ctrl_name_t ctrl, scpi_reg_val_t val) {
+ (void) context;
+
if (SCPI_CTRL_SRQ == ctrl) {
fprintf(stderr, "**SRQ: 0x%X (%d)\r\n", val, val);
} else {
@@ -76,17 +83,16 @@
return SCPI_RES_OK;
}
-scpi_result_t SCPI_Test(scpi_t * context) {
- fprintf(stderr, "**Test\r\n");
- return SCPI_RES_OK;
-}
-
scpi_result_t SCPI_Reset(scpi_t * context) {
+ (void) context;
+
fprintf(stderr, "**Reset\r\n");
return SCPI_RES_OK;
}
scpi_result_t SCPI_SystemCommTcpipControlQ(scpi_t * context) {
+ (void) context;
+
return SCPI_RES_ERR;
}
@@ -95,57 +101,52 @@
int rc;
int on = 1;
struct sockaddr_in servaddr;
-
+
/* Configure TCP Server */
- bzero(&servaddr, sizeof(servaddr));
+ bzero(&servaddr, sizeof (servaddr));
servaddr.sin_family = AF_INET;
- servaddr.sin_addr.s_addr=htonl(INADDR_ANY);
- servaddr.sin_port=htons(port);
-
+ servaddr.sin_addr.s_addr = htonl(INADDR_ANY);
+ servaddr.sin_port = htons(port);
+
/* Create socket */
- fd = socket(AF_INET,SOCK_STREAM, 0);
- if (fd < 0)
- {
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ if (fd < 0) {
perror("socket() failed");
exit(-1);
- }
-
+ }
+
/* Set address reuse enable */
- rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on));
- if (rc < 0)
- {
+ rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof (on));
+ if (rc < 0) {
perror("setsockopt() failed");
close(fd);
exit(-1);
}
-
+
/* Set non blocking */
- rc = ioctl(fd, FIONBIO, (char *)&on);
- if (rc < 0)
- {
+ rc = ioctl(fd, FIONBIO, (char *) &on);
+ if (rc < 0) {
perror("ioctl() failed");
close(fd);
exit(-1);
- }
-
+ }
+
/* Bind to socket */
- rc = bind(fd, (struct sockaddr *)&servaddr, sizeof(servaddr));
- if (rc < 0)
- {
+ rc = bind(fd, (struct sockaddr *) &servaddr, sizeof (servaddr));
+ if (rc < 0) {
perror("bind() failed");
close(fd);
exit(-1);
}
-
+
/* Listen on socket */
listen(fd, 1);
- if (rc < 0)
- {
+ if (rc < 0) {
perror("listen() failed");
close(fd);
exit(-1);
}
-
+
return fd;
}
@@ -154,21 +155,21 @@
struct timeval timeout;
int rc;
int max_fd;
-
+
FD_ZERO(&fds);
max_fd = fd;
FD_SET(fd, &fds);
-
- timeout.tv_sec = 5;
+
+ timeout.tv_sec = 5;
timeout.tv_usec = 0;
-
+
rc = select(max_fd + 1, &fds, NULL, NULL, &timeout);
-
+
return rc;
}
/*
- *
+ *
*/
int main(int argc, char** argv) {
(void) argc;
@@ -180,26 +181,32 @@
// user_context will be pointer to socket
scpi_context.user_context = NULL;
-
- SCPI_Init(&scpi_context);
+
+ SCPI_Init(&scpi_context,
+ scpi_commands,
+ &scpi_interface,
+ scpi_units_def,
+ SCPI_IDN1, SCPI_IDN2, SCPI_IDN3, SCPI_IDN4,
+ scpi_input_buffer, SCPI_INPUT_BUFFER_LENGTH,
+ scpi_error_queue_data, SCPI_ERROR_QUEUE_SIZE);
listenfd = createServer(5025);
-
- while(1) {
+
+ while (1) {
int clifd;
struct sockaddr_in cliaddr;
socklen_t clilen;
- clilen = sizeof(cliaddr);
- clifd = accept(listenfd, (struct sockaddr *)&cliaddr, &clilen);
-
+ clilen = sizeof (cliaddr);
+ clifd = accept(listenfd, (struct sockaddr *) &cliaddr, &clilen);
+
if (clifd < 0) continue;
printf("Connection established %s\r\n", inet_ntoa(cliaddr.sin_addr));
scpi_context.user_context = &clifd;
- while(1) {
+ while (1) {
rc = waitServer(clifd);
if (rc < 0) { // failed
perror(" recv() failed");
@@ -209,13 +216,13 @@
SCPI_Input(&scpi_context, NULL, 0);
}
if (rc > 0) { // something to read
- rc = recv(clifd, smbuffer, sizeof(smbuffer), 0);
+ rc = recv(clifd, smbuffer, sizeof (smbuffer), 0);
if (rc < 0) {
if (errno != EWOULDBLOCK) {
perror(" recv() failed");
break;
}
- } else if (rc == 0) {
+ } else if (rc == 0) {
printf("Connection closed\r\n");
break;
} else {
@@ -226,7 +233,7 @@
close(clifd);
}
-
+
return (EXIT_SUCCESS);
}
--
Gitblit v1.9.1