Secure BACnet decoders and service requests (#1244)
* Secured BACnetAssignedAccessRights decoder. * Secured BACnetPropertyState decoder. * Secured BACnetCredentialAuthenticationFactor decoder. * Secured BACnetEventState change-of-state [1] SEQUENCE decoder. * Secured I-Have-Request service decoder. * Secured Add/Remove ListElement service request decoder. * Secured ConfirmedPrivateTransfer-Request and UnconfirmedPrivateTransfer-Request decoders. * Secured ReadPropertyMultiple-Request and -Ack decoders. * Secured TimeSynchronization-Request decoder. * Secured WritePropertyMultiple service decoders * Secured Trend Log object TL_fetch_property() function. * Secured ReadProperty-Ack decider, * Refactor BACnet time sync recipient handling by moving timesync linked list structure into bacdest where the recipient encoder and decoder already existed. * Secured decoding of BACnetPropertyState. * Secured decoding in the LifeSafetyOperation-Request service. * Secured BACnetAuthenticationFactor decoding in the Credential Data Input object. * Fixed WriteProperty decoder to avoid read buffer overrun. Improved WriteProperty error reporting by adding specific reject codes during decoding similar to WritePropertyMultiple. Deduplicated the WriteProperty handling of abort, reject and error codes. * Added BACNET_STACK_DEPRECATED_DISABLE guards around all of the deprecated decoding functions to ensure they are not used except intentionally for legacy code bases. * Changed version to 1.5.0.rc5 for security fix tracking in branch.
This commit is contained in:
Steve Karg
@@ -16,6 +16,17 @@ The git repositories are hosted at the following sites:
|
||||
|
||||
### Security
|
||||
|
||||
* Secured various BACnet type and service request decoders by replacing
|
||||
deprecated decoders. Secured ReadProperty-Ack decoder, Trend Log object
|
||||
TL_fetch_property() function, WritePropertyMultiple service decoders,
|
||||
TimeSynchronization-Request decoder, ReadPropertyMultiple-Request and
|
||||
ReadPropertyMultiple-Ack decoders, ConfirmedPrivateTransfer-Request
|
||||
and UnconfirmedPrivateTransfer-Request decoders, Add/Remove ListElement
|
||||
service request decoder, I-Have-Request service decoder, BACnetEventState
|
||||
change-of-state decoder, BACnetCredentialAuthenticationFactor decoder,
|
||||
BACnetPropertyState decoder, BACnetAssignedAccessRights decoder,
|
||||
LifeSafetyOperation-Request service decoder, BACnetAuthenticationFactor
|
||||
decoder in the Crediential Data Input object. (#1244)
|
||||
* Secured BVLC decoder by replacing deprecated primitive decoder usage. (#1241)
|
||||
* Secured decoding length underflow in wp_decode_service_request() and
|
||||
bacnet_action_command_decode() which had similar issue. (#1231)
|
||||
@@ -41,6 +52,9 @@ The git repositories are hosted at the following sites:
|
||||
|
||||
### Added
|
||||
|
||||
* Added BACNET_STACK_DEPRECATED_DISABLE guards around all of the deprecated
|
||||
decoding functions to ensure they are not used except intentionally for
|
||||
legacy code bases. (#1244)
|
||||
* Added Who-Is-Router-To-Network process in basic Notification Class when
|
||||
recipient address router MAC address is unknown. (#1243)
|
||||
* Add initialization and unpacking functions for BACnet Character
|
||||
|
||||
Reference in New Issue
Block a user