diff --git a/source/dml/dml_webconfig/dml_onewifi_api.c b/source/dml/dml_webconfig/dml_onewifi_api.c index db8968d1d..af1942583 100644 --- a/source/dml/dml_webconfig/dml_onewifi_api.c +++ b/source/dml/dml_webconfig/dml_onewifi_api.c @@ -1778,9 +1778,9 @@ void update_dml_vap_defaults() { if (i<2) { memset(wps_pin, 0, sizeof(wps_pin)); if (wifi_hal_get_default_wps_pin(wps_pin) == RETURN_OK) { - strcpy(vap_default[i].wps_pin, wps_pin); + snprintf(vap_default[i].wps_pin, sizeof(vap_default[i].wps_pin), "%s", wps_pin); } else { - strcpy(vap_default[i].wps_pin, INVALID_KEY); + snprintf(vap_default[i].wps_pin, sizeof(vap_default[i].wps_pin), "%s", INVALID_KEY); } } vap_default[i].txoverflow = 0; diff --git a/source/dml/wifi_ssp/ssp_loop.c b/source/dml/wifi_ssp/ssp_loop.c index cdb4fc582..2a26a4e0e 100644 --- a/source/dml/wifi_ssp/ssp_loop.c +++ b/source/dml/wifi_ssp/ssp_loop.c @@ -1105,7 +1105,13 @@ void update_macfilter_list(int instance_number, int total_entries, hash_map_t *p } else { snprintf(index_instances, sizeof(index_instances), "%d,", l_data_index[l_index]); } - strcat(index_list, index_instances); + size_t len = strlen(index_list); + size_t remaining = sizeof(index_list) - len; + int result = snprintf(index_list + len, remaining, "%s", index_instances); + if(result < 0 || (size_t)result >= remaining) { + wifi_util_dbg_print(WIFI_PSM, "%s:%d: index_list buffer overflow\n", __func__, __LINE__); + return; + } } wifi_util_dbg_print(WIFI_PSM, "%s:%d total mac filter list entry:%s\r\n",__func__, __LINE__, index_list); diff --git a/source/sampleapps/webconfig_consumer_apis.c b/source/sampleapps/webconfig_consumer_apis.c index 67e0cf417..27ebabf14 100644 --- a/source/sampleapps/webconfig_consumer_apis.c +++ b/source/sampleapps/webconfig_consumer_apis.c @@ -726,9 +726,7 @@ void test_radio_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data = NULL; @@ -759,7 +757,7 @@ void test_null_subdoc_change(webconfig_consumer_t *consumer) } } - if (ret == webconfig_error_none) { + if (ret == webconfig_error_none && str != NULL) { printf("%s:%d: webconfig consumer null vap start test\n", __func__, __LINE__); dump_subdoc(str, webconfig_subdoc_type_null); cmd_start_time = get_current_time_ms(); @@ -769,10 +767,7 @@ void test_null_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } - + webconfig_data_free(data); free(data); data = NULL; } @@ -807,6 +802,7 @@ void test_mesh_sta_subdoc_change(webconfig_consumer_t *consumer) vap_info = get_wifi_radio_vap_info(&data->u.decoded.radios[0], "mesh_sta"); if (vap_info == NULL) { printf("%s:%d: vap_info is NULL \n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -815,6 +811,7 @@ void test_mesh_sta_subdoc_change(webconfig_consumer_t *consumer) vap_info = get_wifi_radio_vap_info(&data->u.decoded.radios[1], "mesh_sta"); if (vap_info == NULL) { printf("%s:%d: vap_info is NULL \n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -824,10 +821,7 @@ void test_mesh_sta_subdoc_change(webconfig_consumer_t *consumer) // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); printf("%s:%d: start webconfig_encode\n", __func__, __LINE__); data->u.decoded.num_radios = consumer->hal_cap.wifi_prop.numRadios; @@ -838,7 +832,7 @@ void test_mesh_sta_subdoc_change(webconfig_consumer_t *consumer) } } - if (ret == webconfig_error_none) { + if (ret == webconfig_error_none && str != NULL) { printf("%s:%d: webconfig consumer mesh sta vap start test\n", __func__, __LINE__); dump_subdoc(str, webconfig_subdoc_type_mesh_sta); #ifdef WEBCONFIG_TESTS_OVER_QUEUE @@ -852,10 +846,7 @@ void test_mesh_sta_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } - + webconfig_data_free(data); free(data); data = NULL; } @@ -912,6 +903,7 @@ void test_mesh_subdoc_change(webconfig_consumer_t *consumer) rdk_vap = get_wifi_radio_rdkvap_info(&data->u.decoded.radios[0], "mesh_backhaul"); if ((rdk_vap == NULL)) { printf("%s:%d: rdk_vap is null\n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -923,6 +915,7 @@ void test_mesh_subdoc_change(webconfig_consumer_t *consumer) acl_entry = (acl_entry_t *)malloc(sizeof(acl_entry_t)); if (acl_entry == NULL) { printf("%s:%d NULL Pointer \n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -935,10 +928,7 @@ void test_mesh_subdoc_change(webconfig_consumer_t *consumer) // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); printf("%s:%d: start webconfig_encode\n", __func__, __LINE__); data->u.decoded.num_radios = consumer->hal_cap.wifi_prop.numRadios; @@ -949,7 +939,7 @@ void test_mesh_subdoc_change(webconfig_consumer_t *consumer) } } - if (ret == webconfig_error_none) { + if (ret == webconfig_error_none && str != NULL) { printf("%s:%d: webconfig consumer mesh vap start test\n", __func__, __LINE__); dump_subdoc(str, webconfig_subdoc_type_mesh); #ifdef WEBCONFIG_TESTS_OVER_QUEUE @@ -963,10 +953,7 @@ void test_mesh_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } - + webconfig_data_free(data); free(data); data = NULL; } @@ -1014,6 +1001,7 @@ void test_macfilter_subdoc_change(webconfig_consumer_t *consumer) if ((rdk_vap == NULL)) { printf("%s:%d: rdk_vap is null\n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -1025,6 +1013,7 @@ void test_macfilter_subdoc_change(webconfig_consumer_t *consumer) acl_entry = (acl_entry_t *)malloc(sizeof(acl_entry_t)); if (acl_entry == NULL) { printf("%s:%d NULL Pointer \n", __func__, __LINE__); + webconfig_data_free(data); free(data); data = NULL; return; @@ -1037,10 +1026,7 @@ void test_macfilter_subdoc_change(webconfig_consumer_t *consumer) // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); printf("%s:%d: start webconfig_encode\n", __func__, __LINE__); data->u.decoded.num_radios = consumer->hal_cap.wifi_prop.numRadios; @@ -1051,7 +1037,7 @@ void test_macfilter_subdoc_change(webconfig_consumer_t *consumer) } } - if (ret == webconfig_error_none) { + if (ret == webconfig_error_none && str != NULL) { printf("%s:%d: webconfig consumer macfilter start test\n", __func__, __LINE__); dump_subdoc(str, webconfig_subdoc_type_mac_filter); #ifdef WEBCONFIG_TESTS_OVER_QUEUE @@ -1065,9 +1051,7 @@ void test_macfilter_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data = NULL; @@ -1094,12 +1078,6 @@ void test_vif_neighbors_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: command start current time:%llu\n", __func__, __LINE__, cmd_start_time); rbus_setStr(consumer->rbus_handle, WIFI_WEBCONFIG_DOC_DATA_SOUTH, str); #endif - } else { - printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); - } - - if (str != NULL) { - free(str); } } @@ -1126,12 +1104,6 @@ void test_steeringclient_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: command start current time:%llu\n", __func__, __LINE__, cmd_start_time); rbus_setStr(consumer->rbus_handle, WIFI_WEBCONFIG_DOC_DATA_SOUTH, str); #endif - } else { - printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); - } - - if (str != NULL) { - free(str); } } @@ -1157,12 +1129,6 @@ void test_steerconfig_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: command start current time:%llu\n", __func__, __LINE__, cmd_start_time); rbus_setStr(consumer->rbus_handle, WIFI_WEBCONFIG_DOC_DATA_SOUTH, str); #endif - } else { - printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); - } - - if (str != NULL) { - free(str); } } @@ -1186,12 +1152,6 @@ void test_statsconfig_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: command start current time:%llu\n", __func__, __LINE__, cmd_start_time); rbus_setStr(consumer->rbus_handle, WIFI_WEBCONFIG_DOC_DATA_SOUTH, str); #endif - } else { - printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); - } - - if (str != NULL) { - free(str); } } @@ -1237,10 +1197,7 @@ void test_private_subdoc_change(webconfig_consumer_t *consumer) // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); printf("%s:%d start webconfig_encode num_of_radio:%d\n", __func__, __LINE__, data->u.decoded.num_radios); ret = webconfig_encode(&consumer->webconfig, data, webconfig_subdoc_type_private); @@ -1248,7 +1205,7 @@ void test_private_subdoc_change(webconfig_consumer_t *consumer) str = data->u.encoded.raw; } - if (ret == webconfig_error_none) { + if (ret == webconfig_error_none && str != NULL) { printf("%s:%d: webconfig consumer private vap start test\n", __func__, __LINE__); dump_subdoc(str, webconfig_subdoc_type_private); #ifdef WEBCONFIG_TESTS_OVER_QUEUE @@ -1262,9 +1219,7 @@ void test_private_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data = NULL; @@ -1325,10 +1280,7 @@ void test_home_subdoc_change(webconfig_consumer_t *consumer) // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); printf("%s:%d: start webconfig_encode\n", __func__, __LINE__); ret = webconfig_encode(&consumer->webconfig, data, webconfig_subdoc_type_home); @@ -1351,9 +1303,7 @@ void test_home_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data=NULL; @@ -1442,10 +1392,7 @@ void test_lnf_subdoc_change(webconfig_consumer_t *consumer) } // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); data->u.decoded.num_radios = consumer->hal_cap.wifi_prop.numRadios; printf("%s:%d: start webconfig_encode \n", __func__, __LINE__); @@ -1469,10 +1416,7 @@ void test_lnf_subdoc_change(webconfig_consumer_t *consumer) } else { printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data = NULL; @@ -1534,10 +1478,7 @@ void test_xfinity_subdoc_change(webconfig_consumer_t *consumer) } // clearing the descriptor and raw json data data->descriptor = 0; - if (data->u.encoded.raw != NULL) { - free(data->u.encoded.raw); - data->u.encoded.raw = NULL; - } + webconfig_data_free(data); data->u.decoded.num_radios = consumer->hal_cap.wifi_prop.numRadios; printf("%s:%d: start webconfig_encode \n", __func__, __LINE__); @@ -1562,9 +1503,7 @@ void test_xfinity_subdoc_change(webconfig_consumer_t *consumer) printf("%s:%d: Webconfig set failed\n", __func__, __LINE__); } - if (str != NULL) { - free(str); - } + webconfig_data_free(data); free(data); data = NULL; diff --git a/source/utils/wifi_validator.c b/source/utils/wifi_validator.c index 6ede21d4b..cd0918939 100644 --- a/source/utils/wifi_validator.c +++ b/source/utils/wifi_validator.c @@ -227,7 +227,7 @@ int validate_anqp(const cJSON *anqp, wifi_interworking_t *vap_info, pErr execRet cJSON_Delete(passPointStats); return RETURN_ERR; } - copy_string((char*)ouiStr, anqpParam->valuestring); + snprintf((char*)ouiStr, sizeof(ouiStr), "%s", anqpParam->valuestring); } //Covert the incoming string to HEX for(i = 0; i < ouiStrLen; i++){ @@ -393,7 +393,7 @@ int validate_anqp(const cJSON *anqp, wifi_interworking_t *vap_info, pErr execRet cJSON_Delete(passPointStats); return RETURN_ERR; } - copy_string((char*)authStr,subParam_1->valuestring); + snprintf((char*)authStr, sizeof(authStr), "%s", subParam_1->valuestring); //Covert the incoming string to HEX for(i = 0; i < authStrLen; i++){ @@ -460,10 +460,10 @@ int validate_anqp(const cJSON *anqp, wifi_interworking_t *vap_info, pErr execRet validate_param_string(anqpEntry,"MCC",anqpParam); if(strlen(anqpParam->valuestring) == (sizeof(mccStr) -1)){ - copy_string((char*)mccStr,anqpParam->valuestring); + snprintf((char*)mccStr, sizeof(mccStr), "%s", anqpParam->valuestring); }else if(strlen(anqpParam->valuestring) == (sizeof(mccStr) -2)){ mccStr[0] = '0'; - copy_string((char*)&mccStr[1], anqpParam->valuestring); + snprintf((char*)&mccStr[1], sizeof(mccStr) - 1, "%s", anqpParam->valuestring); }else{ wifi_util_dbg_print(WIFI_PASSPOINT, "%s:%d: Invalid MCC in 3GPPCellularANQPElement Data. Discarding Configuration\n", __func__, __LINE__); strncpy(execRetVal->ErrorMsg, "Invalid MCC in 3GPP Element",sizeof(execRetVal->ErrorMsg)-1); @@ -473,10 +473,10 @@ int validate_anqp(const cJSON *anqp, wifi_interworking_t *vap_info, pErr execRet validate_param_string(anqpEntry,"MNC",anqpParam); if(strlen(anqpParam->valuestring) == (sizeof(mccStr) -1)){ - copy_string((char*)mncStr, anqpParam->valuestring); + snprintf((char*)mncStr, sizeof(mncStr), "%s", anqpParam->valuestring); }else if(strlen(anqpParam->valuestring) == (sizeof(mccStr) -2)){ mncStr[0] = '0'; - copy_string((char*)&mncStr[1], anqpParam->valuestring); + snprintf((char*)&mncStr[1], sizeof(mncStr) - 1, "%s", anqpParam->valuestring); }else{ wifi_util_dbg_print(WIFI_PASSPOINT, "%s:%d: Invalid MNC in 3GPPCellularANQPElement Data. Discarding Configuration\n", __func__, __LINE__); strncpy(execRetVal->ErrorMsg, "Invalid MNC in 3GPP Element",sizeof(execRetVal->ErrorMsg)-1); @@ -844,7 +844,7 @@ int validate_interworking(const cJSON *interworking, wifi_vap_info_t *vap_info, vap_info->u.bss_info.interworking.interworking.hessOptionPresent = (param->type & cJSON_True) ? true:false; validate_param_string(interworking, "HESSID", param); - copy_string(vap_info->u.bss_info.interworking.interworking.hessid,param->valuestring); + snprintf(vap_info->u.bss_info.interworking.interworking.hessid, sizeof(vap_info->u.bss_info.interworking.interworking.hessid), "%s", param->valuestring); if (WiFi_IsValidMacAddr(vap_info->u.bss_info.interworking.interworking.hessid) != TRUE) { wifi_util_dbg_print(WIFI_PASSPOINT,"%s:%d: Validation failed for HESSID\n", __func__, __LINE__); strncpy(execRetVal->ErrorMsg, "Invalid HESSID",sizeof(execRetVal->ErrorMsg)-1); @@ -953,7 +953,7 @@ int validate_radius_settings(const cJSON *radius, wifi_vap_info_t *vap_info, pEr validate_param_string(radius, "RadiusServerIPAddr", param); if (validate_ipv4_address(param->valuestring) == RETURN_OK || validate_ipv6_address(param->valuestring) == RETURN_OK) { #ifndef WIFI_HAL_VERSION_3_PHASE2 - copy_string((char *)vap_info->u.bss_info.security.u.radius.ip,param->valuestring); + snprintf((char *)vap_info->u.bss_info.security.u.radius.ip, sizeof(vap_info->u.bss_info.security.u.radius.ip), "%s", param->valuestring); } else { wifi_util_dbg_print(WIFI_PASSPOINT,"%s:%d: Validation failed for RadiusServerIPAddr\n", __func__, __LINE__); @@ -976,12 +976,12 @@ int validate_radius_settings(const cJSON *radius, wifi_vap_info_t *vap_info, pEr vap_info->u.bss_info.security.u.radius.port = param->valuedouble; validate_param_string(radius, "RadiusSecret", param); - copy_string(vap_info->u.bss_info.security.u.radius.key, param->valuestring); + snprintf(vap_info->u.bss_info.security.u.radius.key, sizeof(vap_info->u.bss_info.security.u.radius.key), "%s", param->valuestring); validate_param_string(radius, "SecondaryRadiusServerIPAddr", param); if (validate_ipv4_address(param->valuestring) == RETURN_OK || validate_ipv6_address(param->valuestring) == RETURN_OK) { #ifndef WIFI_HAL_VERSION_3_PHASE2 - copy_string((char *)vap_info->u.bss_info.security.u.radius.s_ip,param->valuestring); + snprintf((char *)vap_info->u.bss_info.security.u.radius.s_ip, sizeof(vap_info->u.bss_info.security.u.radius.s_ip), "%s", param->valuestring); } else { wifi_util_dbg_print(WIFI_PASSPOINT,"%s:%d: Validation failed for SecondaryRadiusServerIPAddr\n", __func__, __LINE__); @@ -1003,7 +1003,7 @@ int validate_radius_settings(const cJSON *radius, wifi_vap_info_t *vap_info, pEr validate_param_integer(radius, "SecondaryRadiusServerPort", param); vap_info->u.bss_info.security.u.radius.s_port = param->valuedouble; validate_param_string(radius, "SecondaryRadiusSecret", param); - copy_string(vap_info->u.bss_info.security.u.radius.s_key, param->valuestring); + snprintf(vap_info->u.bss_info.security.u.radius.s_key, sizeof(vap_info->u.bss_info.security.u.radius.s_key), "%s", param->valuestring); validate_param_string(radius, "DasServerIPAddr", param); if (validate_ipv4_address(param->valuestring) == RETURN_OK || validate_ipv6_address(param->valuestring) == RETURN_OK) { @@ -1019,7 +1019,7 @@ int validate_radius_settings(const cJSON *radius, wifi_vap_info_t *vap_info, pEr vap_info->u.bss_info.security.u.radius.dasport = param->valuedouble; validate_param_string(radius, "DasSecret", param); - copy_string(vap_info->u.bss_info.security.u.radius.daskey, param->valuestring); + snprintf(vap_info->u.bss_info.security.u.radius.daskey, sizeof(vap_info->u.bss_info.security.u.radius.daskey), "%s", param->valuestring); //max_auth_attempts validate_param_integer(radius, "MaxAuthAttempts", param); @@ -1733,7 +1733,7 @@ int validate_wifi_global_config(const cJSON *global_cfg, wifi_global_param_t *gl //WpsPin validate_param_string(global_cfg, "WpsPin", param); - copy_string(global_info->wps_pin, param->valuestring); + snprintf(global_info->wps_pin, sizeof(global_info->wps_pin), "%s", param->valuestring); // BandsteeringEnable validate_param_bool(global_cfg, "BandsteeringEnable", param); @@ -1789,7 +1789,7 @@ int validate_wifi_global_config(const cJSON *global_cfg, wifi_global_param_t *gl //WifiRegionCode validate_param_string(global_cfg, "WifiRegionCode", param); - copy_string(global_info->wifi_region_code, param->valuestring); + snprintf(global_info->wifi_region_code, sizeof(global_info->wifi_region_code), "%s", param->valuestring); // DiagnosticEnable validate_param_bool(global_cfg, "DiagnosticEnable", param); @@ -1805,19 +1805,19 @@ int validate_wifi_global_config(const cJSON *global_cfg, wifi_global_param_t *gl //NormalizedRssiList validate_param_string(global_cfg, "NormalizedRssiList", param); - copy_string(global_info->normalized_rssi_list, param->valuestring); + snprintf(global_info->normalized_rssi_list, sizeof(global_info->normalized_rssi_list), "%s", param->valuestring); //SNRList validate_param_string(global_cfg, "SNRList", param); - copy_string(global_info->snr_list, param->valuestring); + snprintf(global_info->snr_list, sizeof(global_info->snr_list), "%s", param->valuestring); //CliStatList validate_param_string(global_cfg, "CliStatList", param); - copy_string(global_info->cli_stat_list, param->valuestring); + snprintf(global_info->cli_stat_list, sizeof(global_info->cli_stat_list), "%s", param->valuestring); //TxRxRateList validate_param_string(global_cfg, "TxRxRatetList", param); - copy_string(global_info->txrx_rate_list, param->valuestring); + snprintf(global_info->txrx_rate_list, sizeof(global_info->txrx_rate_list), "%s", param->valuestring); // MgtFrameRateLimitEnable validate_param_bool(global_cfg, "MgtFrameRateLimitEnable", param);