Fix ReinitializeDevice service handling of optional password (#487)

* Fix ReinitializeDevice service handling of optional password

* Improve ReinitializeDevice service unit testing

---------

Co-authored-by: Steve Karg <skarg@users.sourceforge.net>

src/bacnet/basic/object/device.c

@@ -544,8 +544,18 @@ bool Device_Reinitialize(BACNET_REINITIALIZE_DEVICE_DATA *rd_data)
 {
     bool status = false;
 
-    /* Note: you could use a mix of state and password to multiple things */
-    if (characterstring_ansi_same(&rd_data->password, Reinit_Password)) {
+    /* From 16.4.1.1.2 Password
+        This optional parameter shall be a CharacterString of up to 
+        20 characters. For those devices that require the password as a
+        protection, the service request shall be denied if the parameter
+        is absent or if the password is incorrect. For those devices that
+        do not require a password, this parameter shall be ignored.*/
+    if (characterstring_length(&rd_data->password) > 20) {
+        rd_data->error_class = ERROR_CLASS_SERVICES;
+        rd_data->error_code = ERROR_CODE_PARAMETER_OUT_OF_RANGE;
+    } else if (characterstring_ansi_same(&rd_data->password, Reinit_Password)) {
+        /* Note: you could use a mix of state and password to 
+           accomplish multiple things before restarting */
         switch (rd_data->state) {
             case BACNET_REINIT_COLDSTART:
             case BACNET_REINIT_WARMSTART:

src/bacnet/basic/service/h_rd.c

@@ -69,11 +69,11 @@ void handler_reinitialize_device(uint8_t *service_request,
     BACNET_ADDRESS *src,
     BACNET_CONFIRMED_SERVICE_DATA *service_data)
 {
-    BACNET_REINITIALIZE_DEVICE_DATA rd_data;
+    BACNET_REINITIALIZE_DEVICE_DATA rd_data = { 0 };
     int len = 0;
     int pdu_len = 0;
-    BACNET_NPDU_DATA npdu_data;
-    BACNET_ADDRESS my_address;
+    BACNET_NPDU_DATA npdu_data = { 0 };
+    BACNET_ADDRESS my_address = { 0 };
 
     /* encode the NPDU portion of the packet */
     datalink_get_my_address(&my_address);
@@ -98,8 +98,10 @@ void handler_reinitialize_device(uint8_t *service_request,
         service_request, service_len, &rd_data.state, &rd_data.password);
 #if PRINT_ENABLED
     if (len > 0) {
-        fprintf(stderr, "ReinitializeDevice: state=%u password=%s\n",
-            (unsigned)rd_data.state, characterstring_value(&rd_data.password));
+        fprintf(stderr, "ReinitializeDevice: state=%u password=%*s\n",
+            (unsigned)rd_data.state,
+            (int)characterstring_length(&rd_data.password),
+            characterstring_value(&rd_data.password));
     } else {
         fprintf(stderr, "ReinitializeDevice: Unable to decode request!\n");
     }

src/bacnet/rd.c

@@ -41,7 +41,22 @@
 /** @file rd.c  Encode/Decode Reinitialize Device APDUs */
 #if BACNET_SVC_RD_A
 
-/** Encode Reinitialize Device service
+/**
+ * @brief Encode Reinitialize Device service
+ *
+ *  ReinitializeDevice-Request ::= SEQUENCE {
+ *      reinitialized-state-of-device [0] ENUMERATED {
+ *          coldstart (0),
+ *          warmstart (1),
+ *          start-backup (2),
+ *          end-backup (3),
+ *          start-restore (4),
+ *          end-restore (5),
+ *          abort-restore (6),
+ *          activate-changes (7)
+ *      },
+ *      password [1] CharacterString (SIZE (1..20)) OPTIONAL
+ * }
  *
  * @param apdu  Pointer to the APDU buffer.
  * @param invoke_id Invoke-Id
@@ -63,17 +78,24 @@ int rd_encode_apdu(uint8_t *apdu,
         apdu[1] = encode_max_segs_max_apdu(0, MAX_APDU);
         apdu[2] = invoke_id;
         apdu[3] = SERVICE_CONFIRMED_REINITIALIZE_DEVICE;
-        apdu_len = 4;
-        len = encode_context_enumerated(&apdu[apdu_len], 0, state);
-        apdu_len += len;
-        /* optional password */
-        if (password) {
-            /* Must be at least 1 character, limited to 20 characters */
-            if ((password->length >= 1) && (password->length <= 20)) {
-                len = encode_context_character_string(
-                    &apdu[apdu_len], 1, password);
-                apdu_len += len;
-            }
+    }
+    len = 4;
+    apdu_len += len;
+    if (apdu) {
+        apdu += len;
+    }
+    len = encode_context_enumerated(apdu, 0, state);
+    apdu_len += len;
+    if (apdu) {
+        apdu += len;
+    }
+    /* optional password */
+    if (password) {
+        /* Must be at least 1 character, limited to 20 characters */
+        if ((password->length >= 1) && (password->length <= 20)) {
+            len = encode_context_character_string(
+                apdu, 1, password);
+            apdu_len += len;
         }
     }
 
@@ -81,52 +103,64 @@ int rd_encode_apdu(uint8_t *apdu,
 }
 #endif
 
-/** Decode Reinitialize Device service
+/**
+ * @brief Decode Reinitialize Device service
+ *
+ *  ReinitializeDevice-Request ::= SEQUENCE {
+ *      reinitialized-state-of-device [0] ENUMERATED {
+ *          coldstart (0),
+ *          warmstart (1),
+ *          start-backup (2),
+ *          end-backup (3),
+ *          start-restore (4),
+ *          end-restore (5),
+ *          abort-restore (6),
+ *          activate-changes (7)
+ *      },
+ *      password [1] CharacterString (SIZE (1..20)) OPTIONAL
+ * }
  *
  * @param apdu  Pointer to the APDU buffer.
- * @param apdu_len Valid bytes in the buffer
+ * @param apdu_size Valid bytes in the buffer
  * @param state  Pointer to the Reinitialization state
  * @param password  Pointer to the pass phrase.
  *
- * @return Bytes encoded.
+ * @return number of bytes decoded, or #BACNET_STATUS_ERROR if malformed
  */
 int rd_decode_service_request(uint8_t *apdu,
-    unsigned apdu_len,
+    unsigned apdu_size,
     BACNET_REINITIALIZED_STATE *state,
     BACNET_CHARACTER_STRING *password)
 {
-    unsigned len = 0;
-    uint8_t tag_number = 0;
-    uint32_t len_value_type = 0;
+    int len = 0, apdu_len = 0;
     uint32_t value = 0;
 
     /* check for value pointers */
-    if ((apdu) && (apdu_len >= 2)) {
+    if (apdu) {
         /* Tag 0: reinitializedStateOfDevice */
-        if (!decode_is_context_tag(&apdu[len], 0)) {
-            return -1;
-        }
-        len += decode_tag_number_and_value(
-            &apdu[len], &tag_number, &len_value_type);
-        len += decode_enumerated(&apdu[len], len_value_type, &value);
-        if (state) {
-            *state = (BACNET_REINITIALIZED_STATE)value;
+        len = bacnet_enumerated_context_decode(
+            &apdu[apdu_len], apdu_size - apdu_len, 0, &value);
+        if (len > 0) {
+            if (state) {
+                *state = (BACNET_REINITIALIZED_STATE)value;
+            }
+            apdu_len = len;
+        } else {
+            apdu_len = BACNET_STATUS_ERROR;
         }
         /* Tag 1: password - optional */
-        if (len < apdu_len) {
-            if (!decode_is_context_tag(&apdu[len], 1)) {
-                return -1;
-            }
-            len += decode_tag_number_and_value(
-                &apdu[len], &tag_number, &len_value_type);
-            if (len < apdu_len) {
-                if (password) {
-                    len += decode_character_string(
-                        &apdu[len], len_value_type, password);
-                }
+        if (apdu_len < apdu_size) {
+            len = bacnet_character_string_context_decode(
+                &apdu[apdu_len], apdu_size - apdu_len, 1, password);
+            if (len > 0) {
+                apdu_len += len;
+            } else {
+                apdu_len = BACNET_STATUS_ERROR;
             }
+        } else {
+            characterstring_init_ansi(password, "");
         }
     }
 
-    return (int)len;
+    return apdu_len;
 }