From d44ab5893845801ec95e058b9b56a3a75b9720f7 Mon Sep 17 00:00:00 2001
From: Jan Breuer <jan.breuer@jaybee.cz>
Date: 周日, 04 10月 2015 19:35:26 +0800
Subject: [PATCH] Fix access outside buffer
---
libscpi/src/parser.c | 141 ++++++++++++++++++++++++++++++++++-------------
1 files changed, 102 insertions(+), 39 deletions(-)
diff --git a/libscpi/src/parser.c b/libscpi/src/parser.c
index 21ac60a..9032c9c 100644
--- a/libscpi/src/parser.c
+++ b/libscpi/src/parser.c
@@ -44,7 +44,6 @@
#include "scpi/error.h"
#include "scpi/constants.h"
#include "scpi/utils.h"
-#include "scpi/scpi_debug.h"
/**
* Write data to SCPI output
@@ -91,15 +90,10 @@
static size_t writeNewLine(scpi_t * context) {
if (context->output_count > 0) {
size_t len;
-#if (USED_ENDCODE == ENDCODE_CR)
- len = writeData(context, "\r", 1);
-#elif (USED_ENDCODE == ENDCODE_LF)
- len = writeData(context, "\n", 1);
-#elif (USED_ENDCODE == ENDCODE_CRLF)
- len = writeData(context, "\r\n", 2);
-#else
+#ifndef SCPI_LINE_ENDING
#error no termination character defined
#endif
+ len = writeData(context, SCPI_LINE_ENDING, strlen(SCPI_LINE_ENDING));
flushData(context);
return len;
} else {
@@ -135,7 +129,6 @@
context->output_count = 0;
context->input_count = 0;
- SCPI_DEBUG_COMMAND(context);
/* if callback exists - call command callback */
if (cmd->callback != NULL) {
if ((cmd->callback(context) != SCPI_RES_OK) && !context->cmd_error) {
@@ -336,7 +329,7 @@
/**
* Return prefix of nondecimal base
* @param base
- * @return
+ * @return
*/
static const char * getBasePrefix(int8_t base) {
switch (base) {
@@ -352,7 +345,7 @@
* @param context
* @param val
* @param base
- * @return
+ * @return
*/
size_t SCPI_ResultIntBase(scpi_t * context, int32_t val, int8_t base) {
char buffer[33];
@@ -411,7 +404,7 @@
* @param context
* @param data
* @param len
- * @return
+ * @return
*/
size_t SCPI_ResultArbitraryBlock(scpi_t * context, const char * data, size_t len) {
size_t result = 0;
@@ -421,7 +414,7 @@
SCPI_LongToStr(len, block_header + 2, 10, 10);
header_len = strlen(block_header + 2);
- block_header[1] = header_len + '0';
+ block_header[1] = (char)(header_len + '0');
result += writeData(context, block_header, header_len + 2);
result += writeData(context, data, len);
@@ -458,7 +451,7 @@
* @param context
* @param parameter
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_Parameter(scpi_t * context, scpi_parameter_t * parameter, scpi_bool_t mandatory) {
lex_state_t * state;
@@ -516,7 +509,7 @@
* Detect if parameter is number
* @param parameter
* @param suffixAllowed
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamIsNumber(scpi_parameter_t * parameter, scpi_bool_t suffixAllowed) {
switch (parameter->type) {
@@ -539,7 +532,7 @@
* @param value result
* @return TRUE if succesful
*/
-scpi_bool_t SCPI_ParamToInt(scpi_t * context, scpi_parameter_t * parameter, int32_t * value) {
+static scpi_bool_t ParamToInt(scpi_t * context, scpi_parameter_t * parameter, int32_t * value, scpi_bool_t sign) {
if (!value) {
SCPI_ErrorPush(context, SCPI_ERROR_SYSTEM_ERROR);
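Review bot: The `(char)` cast on `block_header[1]` silences the conversion warning but the line still assumes `header_len` is a single decimal digit, and nothing in the hunk checks that. `len` is a `size_t`, and how SCPI_LongToStr truncates or narrows it is not visible here, so a very large block could yield a non-digit count character or a header that disagrees with the payload that `writeData(context, data, len)` then sends. A guard before the assignment, for example `if (header_len == 0 || header_len > 9) { return 0; }`, would keep the emitted `#<n><length>` header well formed. The function body starts and ends outside this hunk.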
@@ -548,16 +541,43 @@
switch (parameter->type) {
case SCPI_TOKEN_HEXNUM:
- return strToLong(parameter->ptr, value, 16) > 0 ? TRUE : FALSE;
+ return strToULong(parameter->ptr, (uint32_t *)value, 16) > 0 ? TRUE : FALSE;
case SCPI_TOKEN_OCTNUM:
- return strToLong(parameter->ptr, value, 8) > 0 ? TRUE : FALSE;
+ return strToULong(parameter->ptr, (uint32_t *)value, 8) > 0 ? TRUE : FALSE;
case SCPI_TOKEN_BINNUM:
- return strToLong(parameter->ptr, value, 2) > 0 ? TRUE : FALSE;
+ return strToULong(parameter->ptr, (uint32_t *)value, 2) > 0 ? TRUE : FALSE;
case SCPI_TOKEN_DECIMAL_NUMERIC_PROGRAM_DATA:
case SCPI_TOKEN_DECIMAL_NUMERIC_PROGRAM_DATA_WITH_SUFFIX:
- return strToLong(parameter->ptr, value, 10) > 0 ? TRUE : FALSE;
+ if (sign) {
+ return strToLong(parameter->ptr, value, 10) > 0 ? TRUE : FALSE;
+ } else {
+ return strToULong(parameter->ptr, (uint32_t *)value, 10) > 0 ? TRUE : FALSE;
+ }
}
return FALSE;
+}
+
+
+/**
+ * Convert parameter to integer
+ * @param context
+ * @param parameter
+ * @param value result
+ * @return TRUE if succesful
+ */
+scpi_bool_t SCPI_ParamToInt(scpi_t * context, scpi_parameter_t * parameter, int32_t * value) {
+ return ParamToInt(context, parameter, value, TRUE);
+}
+
+/**
+ * Convert parameter to unsigned integer
+ * @param context
+ * @param parameter
+ * @param value result
+ * @return TRUE if succesful
+ */
+scpi_bool_t SCPI_ParamToUnsignedInt(scpi_t * context, scpi_parameter_t * parameter, uint32_t * value) {
+ return ParamToInt(context, parameter, (int32_t *)value, FALSE);
}
/**
@@ -567,9 +587,10 @@
* @param value result
* @return TRUE if succesful
*/
+#include "stdio.h"
scpi_bool_t SCPI_ParamToDouble(scpi_t * context, scpi_parameter_t * parameter, double * value) {
scpi_bool_t result = FALSE;
- int32_t valint;
+ uint32_t valint;
if (!value) {
SCPI_ErrorPush(context, SCPI_ERROR_SYSTEM_ERROR);
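Review bot: The unsigned decimal branch `strToULong(parameter->ptr, (uint32_t *)value, 10)` is taken for any decimal token, and nothing visible in this hunk rejects a leading minus sign. If strToULong is a thin wrapper over strtoul (it is not shown), an input of `-1` would be accepted by SCPI_ParamToUnsignedInt and returned as 4294967295. The HEX/OCT/BIN cases also ignore `sign`, so SCPI_ParamToInt now returns a negative value for input above 0x7FFFFFFF. Both cases should be rejected or stated in the doc comments. The comment left on the static helper (it ends in the previous hunk) also needs a line such as `@param sign TRUE to parse decimal data as signed, FALSE as unsigned`.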
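Review bot: `#include "stdio.h"` is added mid-file, between the doc comment and SCPI_ParamToDouble, and nothing in the visible lines uses stdio. It looks like a debugging leftover and should be dropped, or moved to the include block at the top as `#include <stdio.h>` if it is really needed. Separately, `uint32_t valint;` stays uninitialised and the following hunk copies it into `*value` regardless of `result`. Writing `uint32_t valint = 0;` would avoid reading an indeterminate value if the conversion ever fails without storing. The function body continues outside this hunk.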
@@ -580,7 +601,7 @@
case SCPI_TOKEN_HEXNUM:
case SCPI_TOKEN_OCTNUM:
case SCPI_TOKEN_BINNUM:
- result = SCPI_ParamToInt(context, parameter, &valint);
+ result = SCPI_ParamToUnsignedInt(context, parameter, &valint);
*value = valint;
break;
case SCPI_TOKEN_DECIMAL_NUMERIC_PROGRAM_DATA:
@@ -596,7 +617,7 @@
* @param context
* @param value
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamDouble(scpi_t * context, double * value, scpi_bool_t mandatory) {
scpi_bool_t result;
@@ -627,9 +648,9 @@
* @param context
* @param value
* @param mandatory
- * @return
+ * @return
*/
-scpi_bool_t SCPI_ParamInt(scpi_t * context, int32_t * value, scpi_bool_t mandatory) {
+static scpi_bool_t ParamInt(scpi_t * context, int32_t * value, scpi_bool_t mandatory, scpi_bool_t sign) {
scpi_bool_t result;
scpi_parameter_t param;
@@ -641,7 +662,7 @@
result = SCPI_Parameter(context, ¶m, mandatory);
if (result) {
if (SCPI_ParamIsNumber(¶m, FALSE)) {
- SCPI_ParamToInt(context, ¶m, value);
+ result = ParamToInt(context, ¶m, value, sign);
} else if (SCPI_ParamIsNumber(¶m, TRUE)) {
SCPI_ErrorPush(context, SCPI_ERROR_SUFFIX_NOT_ALLOWED);
result = FALSE;
@@ -653,13 +674,21 @@
return result;
}
+scpi_bool_t SCPI_ParamInt(scpi_t * context, int32_t * value, scpi_bool_t mandatory) {
+ return ParamInt(context, value, mandatory, TRUE);
+}
+
+scpi_bool_t SCPI_ParamUnsignedInt(scpi_t * context, uint32_t * value, scpi_bool_t mandatory) {
+ return ParamInt(context, (int32_t *)value, mandatory, FALSE);
+}
+
/**
* Read character parameter
* @param context
* @param value
* @param len
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamCharacters(scpi_t * context, const char ** value, size_t * len, scpi_bool_t mandatory) {
scpi_bool_t result;
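Review bot: With the conversion result now assigned to `result` in the `@@ -641,7 +662,7 @@` hunk, ParamInt can return FALSE without any error being queued. In the visible hunks ParamToInt pushes SCPI_ERROR_SYSTEM_ERROR only for a NULL `value` and otherwise returns FALSE silently, unlike the sibling branch that pushes SCPI_ERROR_SUFFIX_NOT_ALLOWED before setting `result = FALSE`. A caller that treats FALSE as "error already reported" would then abort the command with an empty error queue. The failed-conversion path should push a suitable error from the project's error list so that both branches behave the same. The rest of ParamInt lies outside this hunk.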
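Review bot: The new public functions SCPI_ParamInt and SCPI_ParamUnsignedInt in the `@@ -653,13 +674,21 @@` hunk have no doc comments, and the existing comment block (ending in the `@@ -627,9 +648,9 @@` hunk) now sits on the static helper ParamInt without describing `sign`. Each wrapper should get a short block in the file's `/** ... */` style that names the accepted range and states that FALSE is returned for a missing or non-numeric parameter. On SCPI_ParamUnsignedInt it is worth stating how a negative decimal input is treated, since that depends on strToULong, which is not shown.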
@@ -672,8 +701,17 @@
result = SCPI_Parameter(context, ¶m, mandatory);
if (result) {
- *value = param.ptr;
- *len = param.len;
+ switch(param.type) {
+ case SCPI_TOKEN_SINGLE_QUOTE_PROGRAM_DATA:
+ case SCPI_TOKEN_DOUBLE_QUOTE_PROGRAM_DATA:
+ *value = param.ptr + 1;
+ *len = param.len - 2;
+ break;
+ default:
+ *value = param.ptr;
+ *len = param.len;
+ break;
+ }
// TODO: return also parameter type (ProgramMnemonic, ArbitraryBlockProgramData, SingleQuoteProgramData, DoubleQuoteProgramData
}
@@ -687,7 +725,7 @@
* @param value result pointer to data
* @param len result length of data
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamArbitraryBlock(scpi_t * context, const char ** value, size_t * len, scpi_bool_t mandatory) {
scpi_bool_t result;
@@ -731,7 +769,7 @@
case SCPI_TOKEN_SINGLE_QUOTE_PROGRAM_DATA:
case SCPI_TOKEN_DOUBLE_QUOTE_PROGRAM_DATA:
quote = param.type == SCPI_TOKEN_SINGLE_QUOTE_PROGRAM_DATA ? '\'' : '"';
- for (i_from = 0, i_to = 0; i_from < (size_t) param.len; i_from++) {
+ for (i_from = 1, i_to = 0; i_from < (size_t) (param.len - 1); i_from++) {
if (i_from >= buffer_len) {
break;
}
@@ -740,6 +778,10 @@
if (param.ptr[i_from] == quote) {
i_from++;
}
+ }
+ *copy_len = i_to;
+ if (i_to < buffer_len) {
+ buffer[i_to] = 0;
}
break;
default:
@@ -757,7 +799,7 @@
* @param parameter - should be PROGRAM_MNEMONIC
* @param options - NULL terminated list of choices
* @param value - index to options
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamToChoice(scpi_t * context, scpi_parameter_t * parameter, const scpi_choice_def_t * options, int32_t * value) {
size_t res;
@@ -792,7 +834,7 @@
* @param options specifications of choices numbers (patterns)
* @param tag numerical representatio of choice
* @param text result text
- * @return TRUE if succesfule, else false
+ * @return TRUE if succesfule, else FALSE
*/
scpi_bool_t SCPI_ChoiceToName(const scpi_choice_def_t * options, int32_t tag, const char ** text) {
int i;
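Review bot: `*value = param.ptr + 1;` and `*len = param.len - 2;` assume a quoted token always carries both delimiters, and nothing in the hunk checks `param.len` first. If the lexer (not shown) can ever emit a SINGLE/DOUBLE_QUOTE token shorter than two characters, the subtraction goes below zero and is stored into a `size_t`, handing the caller a huge length over the input buffer. The same assumption is made by `(size_t) (param.len - 1)` in the copy loop of the `@@ -731,7 +769,7 @@` hunk, where the converted bound would no longer stop the read at the token end. Testing `param.len >= 2` before stripping the quotes, and otherwise returning an empty result or pushing an error, would make both sites robust. Both enclosing functions continue outside their hunks.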
@@ -812,7 +854,7 @@
* @param context
* @param value
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamBool(scpi_t * context, scpi_bool_t * value, scpi_bool_t mandatory) {
scpi_bool_t result;
@@ -853,7 +895,7 @@
* @param options
* @param value
* @param mandatory
- * @return
+ * @return
*/
scpi_bool_t SCPI_ParamChoice(scpi_t * context, const scpi_choice_def_t * options, int32_t * value, scpi_bool_t mandatory) {
scpi_bool_t result;
@@ -876,7 +918,7 @@
* Parse one parameter and detect type
* @param state
* @param token
- * @return
+ * @return
*/
int scpiParser_parseProgramData(lex_state_t * state, scpi_token_t * token) {
scpi_token_t tmp;
@@ -915,7 +957,7 @@
* @param state
* @param token
* @param numberOfParameters
- * @return
+ * @return
*/
int scpiParser_parseAllProgramData(lex_state_t * state, scpi_token_t * token, int * numberOfParameters) {
@@ -965,7 +1007,7 @@
* @param state
* @param buffer
* @param len
- * @return
+ * @return
*/
int scpiParser_detectProgramMessageUnit(scpi_parser_state_t * state, char * buffer, int len) {
lex_state_t lex_state;
@@ -1018,7 +1060,7 @@
* - suitable for one handle to multiple commands
* @param context
* @param cmd
- * @return
+ * @return
*/
scpi_bool_t SCPI_IsCmd(scpi_t * context, const char * cmd) {
const char * pattern;
@@ -1051,3 +1093,24 @@
scpi_bool_t SCPI_CommandNumbers(scpi_t * context, int32_t * numbers, size_t len) {
return matchCommand (context->param_list.cmd->pattern, context->param_list.cmd_raw.data, context->param_list.cmd_raw.length, numbers, len);
}
+
+/**
+ * If SCPI_Parameter() returns FALSE, this function can detect, if the parameter
+ * is just missing (TRUE) or if there was an error during processing of the command (FALSE)
+ * @param parameter
+ * @return
+ */
+scpi_bool_t SCPI_ParamIsValid(scpi_parameter_t * parameter)
+{
+ return parameter->type == SCPI_TOKEN_UNKNOWN ? FALSE : TRUE;
+}
+
+/**
+ * Returns TRUE if there was an error during parameter handling
+ * @param context
+ * @return
+ */
+scpi_bool_t SCPI_ParamErrorOccurred(scpi_t * context)
+{
+ return context->cmd_error;
+}
--
Gitblit v1.9.1
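Review bot: The comment on SCPI_ParamIsValid says the function tells a missing parameter (TRUE) from a processing error (FALSE), but the body only tests `parameter->type == SCPI_TOKEN_UNKNOWN`, and the `@return` lines of both new functions are empty. Integrators cannot tell from this which value means "safe to continue". The comments should be filled in as `@return FALSE if parameter->type is SCPI_TOKEN_UNKNOWN, TRUE otherwise` and `@return value of context->cmd_error`. `parameter` and `context` are also dereferenced without a NULL check, unlike the `!value` test in ParamToInt, so the doc should state that they must be non-NULL, or the check should be added.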