dali/bacnet_stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bugfix/fix splint warnings (#250)

Browse Source 
* Fix SPLINT to perform static defect analysis

Fix the SPLINT invocation in Makefile
Fix C files where SPLINT detected problems.
Remove UCIX check from SPLINT
Use SPLINT friendly parsing code disable for bacsec

Co-authored-by: Steve Karg <skarg@users.sourceforge.net>
This commit is contained in:
Steve Karg
2022-04-12 13:00:29 -05:00
committed by GitHub
parent f6fad83f61
commit c9d42d268e
13 changed files with 268 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Makefile
+6 -3
View File
@@ -225,13 +225,16 @@ lint:
SPLINT_OPTIONS := -weak +posixlib +quiet \
-D__signed__=signed -D__gnuc_va_list=va_list \
-Iinclude -Idemo/object -Iports/linux \
+matchanyintegral +ignoresigns -unrecog -preproc -fullinitblock \
-Isrc -Iports/linux \
+matchanyintegral +ignoresigns -unrecog -preproc \
+error-stream-stderr +warning-stream-stderr -warnposix \
-bufferoverflowhigh
SPLINT_FIND_OPTIONS := ./src -path ./src/bacnet/basic/ucix -prune -o -name "*.c"
.PHONY: splint
splint:
find ./src -name "*.c" -exec splint $(SPLINT_OPTIONS) {} \;
find $(SPLINT_FIND_OPTIONS) -exec splint $(SPLINT_OPTIONS) {} \;
CPPCHECK_OPTIONS = --enable=warning,portability
CPPCHECK_OPTIONS += --template=gcc
src/bacnet/basic/bbmd/h_bbmd.c
+7 -7
View File
@@ -592,8 +592,8 @@ int bvlc_send_pdu(BACNET_ADDRESS *dest,
#if BBMD_ENABLED
if (mtu_len > 0) {
bip_get_addr(&bip_src);
bbmd_fdt_forward_npdu(&bip_src, pdu, pdu_len, true);
bbmd_bdt_forward_npdu(&bip_src, pdu, pdu_len, true);
(void)bbmd_fdt_forward_npdu(&bip_src, pdu, pdu_len, true);
(void)bbmd_bdt_forward_npdu(&bip_src, pdu, pdu_len, true);
}
#endif
}
@@ -928,7 +928,7 @@ int bvlc_bbmd_enabled_handler(BACNET_IP_ADDRESS *addr,
/* In addition, the constructed BVLL Forwarded-NPDU
message shall be unicast to each foreign device in
the BBMD's FDT. */
bbmd_fdt_forward_npdu(&fwd_address, mtu, mtu_len, false);
(void)bbmd_fdt_forward_npdu(&fwd_address, mtu, mtu_len, false);
/* prepare the message for me! */
bvlc_ip_address_to_bacnet_local(src, &fwd_address);
offset = header_len + function_len - npdu_len;
@@ -1032,8 +1032,8 @@ int bvlc_bbmd_enabled_handler(BACNET_IP_ADDRESS *addr,
attempt was unsuccessful */
npdu_len = bbmd_forward_npdu(addr, pdu, pdu_len);
if (npdu_len > 0) {
bbmd_fdt_forward_npdu(addr, pdu, pdu_len, false);
bbmd_bdt_forward_npdu(addr, pdu, pdu_len, false);
(void)bbmd_fdt_forward_npdu(addr, pdu, pdu_len, false);
(void)bbmd_bdt_forward_npdu(addr, pdu, pdu_len, false);
} else {
result_code = BVLC_RESULT_DISTRIBUTE_BROADCAST_TO_NETWORK_NAK;
send_result = true;
@@ -1099,8 +1099,8 @@ int bvlc_bbmd_enabled_handler(BACNET_IP_ADDRESS *addr,
"Original-Broadcast-NPDU: "
"Confirmed Service! Discard!");
} else {
bbmd_fdt_forward_npdu(addr, npdu, npdu_len, true);
bbmd_bdt_forward_npdu(addr, npdu, npdu_len, true);
(void)bbmd_fdt_forward_npdu(addr, npdu, npdu_len, true);
(void)bbmd_bdt_forward_npdu(addr, npdu, npdu_len, true);
debug_print_npdu("Original-Broadcast-NPDU",
offset, npdu_len);
}
src/bacnet/basic/bbmd6/h_bbmd6.c
+3 -2
View File
@@ -181,18 +181,19 @@ static bool bbmd6_add_vmac(uint32_t device_id, BACNET_IP6_ADDRESS *addr)
bool status = false;
struct vmac_data *vmac;
struct vmac_data new_vmac;
unsigned i = 0;
if (addr) {
vmac = VMAC_Find_By_Key(device_id);
if (vmac) {
/* already exists - replace? */
PRINTF("VMAC existing %u [", (unsigned int)device_id);
for (unsigned i = 0; i < vmac->mac_len; i++) {
for (i = 0; i < vmac->mac_len; i++) {
PRINTF("%02X", vmac->mac[i]);
}
PRINTF("]\n");
PRINTF("VMAC ignoring %u [", (unsigned int)device_id);
for (unsigned i = 0; i < IP6_ADDRESS_MAX; i++) {
for (i = 0; i < IP6_ADDRESS_MAX; i++) {
PRINTF("%02X", addr->address[i]);
}
PRINTF("%04X", addr->port);
src/bacnet/basic/bbmd6/vmac.c
+2 -1
View File
@@ -258,6 +258,7 @@ void VMAC_Cleanup(void)
struct vmac_data *pVMAC;
uint32_t device_id;
const int index = 0;
unsigned i = 0;
if (VMAC_List) {
do {
@@ -266,7 +267,7 @@ void VMAC_Cleanup(void)
if (pVMAC) {
PRINTF("VMAC List: %lu [", (unsigned long)device_id);
/* print the MAC */
for (unsigned i = 0; i < pVMAC->mac_len; i++) {
for (i = 0; i < pVMAC->mac_len; i++) {
PRINTF("%02X", pVMAC->mac[i]);
}
PRINTF("]\n");
src/bacnet/basic/object/ai.c
+2 -2
View File
@@ -238,10 +238,10 @@ bool Analog_Input_Object_Name(
*/
unsigned Analog_Input_Event_State(uint32_t object_instance)
{
unsigned index = 0;
unsigned state = EVENT_STATE_NORMAL;
#if defined(INTRINSIC_REPORTING)
unsigned index = 0;
index = Analog_Input_Instance_To_Index(object_instance);
if (index < MAX_ANALOG_INPUTS) {
state = AI_Descr[index].Event_State;
src/bacnet/basic/object/ao.c
+4 -3
View File
@@ -154,7 +154,7 @@ float Analog_Output_Present_Value(uint32_t object_instance)
if (index < MAX_ANALOG_OUTPUTS) {
for (i = 0; i < BACNET_MAX_PRIORITY; i++) {
if (Analog_Output_Level[index][i] != AO_LEVEL_NULL) {
value = Analog_Output_Level[index][i];
value = (float)Analog_Output_Level[index][i];
break;
}
}
@@ -342,7 +342,8 @@ int Analog_Output_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
if (Analog_Output_Level[object_index][i] == AO_LEVEL_NULL) {
len = encode_application_null(&apdu[apdu_len]);
} else {
real_value = Analog_Output_Level[object_index][i];
real_value =
(float)Analog_Output_Level[object_index][i];
len = encode_application_real(
&apdu[apdu_len], real_value);
}
@@ -365,7 +366,7 @@ int Analog_Output_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
apdu_len = encode_application_null(&apdu[0]);
} else {
real_value =
Analog_Output_Level[object_index]
(float)Analog_Output_Level[object_index]
[rpdata->array_index - 1];
apdu_len =
encode_application_real(&apdu[0], real_value);
src/bacnet/basic/object/av.c
+2 -2
View File
@@ -299,10 +299,10 @@ bool Analog_Value_Object_Name(
*/
unsigned Analog_Value_Event_State(uint32_t object_instance)
{
unsigned index = 0;
unsigned state = EVENT_STATE_NORMAL;
#if defined(INTRINSIC_REPORTING)
unsigned index = 0;
index = Analog_Value_Instance_To_Index(object_instance);
if (index < MAX_ANALOG_VALUES) {
state = AV_Descr[index].Event_State;
src/bacnet/basic/object/channel.c
+11 -11
View File
@@ -850,7 +850,7 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
apdu_len = BACNET_STATUS_ERROR;
}
} else if (tag == BACNET_APPLICATION_TAG_DOUBLE) {
double_value = value->type.Unsigned_Int;
double_value = (double)value->type.Unsigned_Int;
apdu_len =
encode_application_double(&apdu[0], double_value);
} else if (tag == BACNET_APPLICATION_TAG_ENUMERATED) {
@@ -892,7 +892,7 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
apdu_len = BACNET_STATUS_ERROR;
}
} else if (tag == BACNET_APPLICATION_TAG_DOUBLE) {
double_value = value->type.Signed_Int;
double_value = (double)value->type.Signed_Int;
apdu_len =
encode_application_double(&apdu[0], double_value);
} else if (tag == BACNET_APPLICATION_TAG_ENUMERATED) {
@@ -907,14 +907,14 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
#if defined(BACAPP_REAL)
case BACNET_APPLICATION_TAG_REAL:
if (tag == BACNET_APPLICATION_TAG_BOOLEAN) {
if (value->type.Real) {
if (value->type.Real != 0.0F) {
boolean_value = true;
}
apdu_len =
encode_application_boolean(&apdu[0], boolean_value);
} else if (tag == BACNET_APPLICATION_TAG_UNSIGNED_INT) {
if ((value->type.Real >= 0.0) &&
(value->type.Real <= 2147483000.0)) {
if ((value->type.Real >= 0.0F) &&
(value->type.Real <= 2147483000.0F)) {
unsigned_value = (uint32_t)value->type.Real;
apdu_len = encode_application_unsigned(
&apdu[0], unsigned_value);
@@ -922,8 +922,8 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
apdu_len = BACNET_STATUS_ERROR;
}
} else if (tag == BACNET_APPLICATION_TAG_SIGNED_INT) {
if ((value->type.Real >= -2147483000.0) &&
(value->type.Real <= 214783000.0)) {
if ((value->type.Real >= -2147483000.0F) &&
(value->type.Real <= 214783000.0F)) {
signed_value = (int32_t)value->type.Real;
apdu_len =
encode_application_signed(&apdu[0], signed_value);
@@ -938,8 +938,8 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
apdu_len =
encode_application_double(&apdu[0], double_value);
} else if (tag == BACNET_APPLICATION_TAG_ENUMERATED) {
if ((value->type.Real >= 0.0) &&
(value->type.Real <= 2147483000.0)) {
if ((value->type.Real >= 0.0F) &&
(value->type.Real <= 2147483000.0F)) {
unsigned_value = (uint32_t)value->type.Real;
apdu_len = encode_application_enumerated(
&apdu[0], unsigned_value);
@@ -954,7 +954,7 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
#if defined(BACAPP_DOUBLE)
case BACNET_APPLICATION_TAG_DOUBLE:
if (tag == BACNET_APPLICATION_TAG_BOOLEAN) {
if (value->type.Double) {
if (value->type.Double != 0.0) {
boolean_value = true;
}
apdu_len =
@@ -1033,7 +1033,7 @@ int Channel_Coerce_Data_Encode(uint8_t *apdu,
apdu_len = BACNET_STATUS_ERROR;
}
} else if (tag == BACNET_APPLICATION_TAG_DOUBLE) {
double_value = value->type.Enumerated;
double_value = (double)value->type.Enumerated;
apdu_len =
encode_application_double(&apdu[0], double_value);
} else if (tag == BACNET_APPLICATION_TAG_ENUMERATED) {
src/bacnet/basic/object/iv.c
+1 -1
View File
@@ -333,7 +333,7 @@ int Integer_Value_Read_Property(BACNET_READ_PROPERTY_DATA *rpdata)
BACNET_CHARACTER_STRING char_string;
uint8_t *apdu = NULL;
uint32_t units = 0;
int32_t integer_value = 0.0;
int32_t integer_value = 0;
bool state = false;
if ((rpdata == NULL) || (rpdata->application_data == NULL) ||
src/bacnet/basic/object/msv.c
+1 -1
View File
@@ -372,7 +372,7 @@ bool Multistate_Value_Encode_Value_List(
const bool fault = false;
const bool overridden = false;
bool out_of_service = false;
uint32_t present_value = 0.0;
uint32_t present_value = 0;
unsigned index = 0;
index = Multistate_Value_Instance_To_Index(object_instance);
src/bacnet/datalink/bacsec.c
+226 -220
View File
@@ -38,122 +38,125 @@ BACNET_KEY_IDENTIFIER_KEY_NUMBER key_number(uint16_t id)
return (BACNET_KEY_IDENTIFIER_KEY_NUMBER)(id & 0xFF);
}
// int encode_security_wrapper(
// int bytes_before, uint8_t *apdu, BACNET_SECURITY_WRAPPER *wrapper)
// {
// int curr = 0;
// int enc_begin = 0;
// BACNET_KEY_ENTRY key;
// BACNET_SECURITY_RESPONSE_CODE res = SEC_RESP_SUCCESS;
#if 0
/* FIXME: please fix? */
int encode_security_wrapper(
int bytes_before, uint8_t *apdu, BACNET_SECURITY_WRAPPER *wrapper)
{
int curr = 0;
int enc_begin = 0;
BACNET_KEY_ENTRY key;
BACNET_SECURITY_RESPONSE_CODE res = SEC_RESP_SUCCESS;
// apdu[curr] = 0;
// /* control byte */
// if (wrapper->payload_net_or_bvll_flag) {
// apdu[curr] |= 1 << 7;
// }
// /* encryption flag will be set after signature calculation */
// /* bit 5 is reserved and shall be 0 */
// if (wrapper->authentication_flag) {
// apdu[curr] |= 1 << 4;
// }
// if (wrapper->do_not_unwrap_flag) {
// apdu[curr] |= 1 << 3;
// }
// if (wrapper->do_not_decrypt_flag) {
// apdu[curr] |= 1 << 2;
// }
// if (wrapper->non_trusted_source_flag) {
// apdu[curr] |= 1 << 1;
// }
// if (wrapper->secured_by_router_flag) {
// apdu[curr] |= 1;
// }
// curr++;
// /* basic integrity checks */
// if (wrapper->do_not_decrypt_flag && !wrapper->do_not_unwrap_flag) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// if (!wrapper->encrypted_flag && wrapper->do_not_decrypt_flag) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// /* key */
// apdu[curr++] = wrapper->key_revision;
// curr += encode_unsigned16(&apdu[curr], wrapper->key_identifier);
// /* find appropriate key */
// key.key_identifier = wrapper->key_identifier;
// res = bacnet_find_key(wrapper->key_revision, &key);
// if (res != SEC_RESP_SUCCESS) {
// return -res;
// }
// /* source device instance */
// curr += encode_unsigned24(&apdu[curr], wrapper->source_device_instance);
// /* message id */
// curr += encode_unsigned32(&apdu[curr], wrapper->message_id);
// /* timestamp */
// curr += encode_unsigned32(&apdu[curr], wrapper->timestamp);
// /* begin encryption starting from destination device instance */
// enc_begin = curr;
// /* destination device instance */
// curr +=
// encode_unsigned24(&apdu[curr], wrapper->destination_device_instance);
// /* dst address */
// curr += encode_unsigned16(&apdu[curr], wrapper->dnet);
// apdu[curr++] = wrapper->dlen;
// memcpy(&apdu[curr], wrapper->dadr, wrapper->dlen);
// curr += wrapper->dlen;
// /* src address */
// curr += encode_unsigned16(&apdu[curr], wrapper->snet);
// apdu[curr++] = wrapper->slen;
// memcpy(&apdu[curr], wrapper->sadr, wrapper->slen);
// curr += wrapper->slen;
// /* authentication */
// if (wrapper->authentication_flag) {
// apdu[curr++] = wrapper->authentication_mechanism;
// /* authentication data */
// curr += encode_unsigned16(&apdu[curr], wrapper->user_id);
// apdu[curr++] = wrapper->user_role;
// if ((wrapper->authentication_mechanism >= 1) &&
// (wrapper->authentication_mechanism <= 199)) {
// curr += encode_unsigned16(
// &apdu[curr], wrapper->authentication_data_length + 5);
// memcpy(&apdu[curr], wrapper->authentication_data,
// wrapper->authentication_data_length);
// curr += wrapper->authentication_data_length;
// } else if (wrapper->authentication_mechanism >= 200) {
// curr += encode_unsigned16(
// &apdu[curr], wrapper->authentication_data_length + 7);
// curr += encode_unsigned16(&apdu[curr], wrapper->vendor_id);
// memcpy(&apdu[curr], wrapper->authentication_data,
// wrapper->authentication_data_length);
// curr += wrapper->authentication_data_length;
// }
// }
// memcpy(&apdu[curr], wrapper->service_data, wrapper->service_data_len);
// curr += wrapper->service_data_len;
// /* signature calculation */
// key_sign_msg(&key, &apdu[-bytes_before], (uint32_t)(bytes_before + curr),
// wrapper->signature);
// /* padding and encryption */
// if (wrapper->encrypted_flag) {
// /* set encryption flag, signing is done */
// apdu[0] |= 1 << 6;
// /* handle padding */
// key_set_padding(
// &key, curr - enc_begin, &wrapper->padding_len, wrapper->padding);
// if (wrapper->padding_len > 2) {
// memcpy(&apdu[curr], wrapper->padding, wrapper->padding_len - 2);
// curr += wrapper->padding_len - 2;
// }
// curr += encode_unsigned16(&apdu[curr], wrapper->padding_len);
// /* encryption */
// key_encrypt_msg(&key, &apdu[enc_begin], (uint32_t)(curr - enc_begin),
// wrapper->signature);
// }
// memcpy(&apdu[curr], wrapper->signature, SIGNATURE_LEN);
// curr += SIGNATURE_LEN;
apdu[curr] = 0;
/* control byte */
if (wrapper->payload_net_or_bvll_flag) {
apdu[curr] |= 1 << 7;
}
/* encryption flag will be set after signature calculation */
/* bit 5 is reserved and shall be 0 */
if (wrapper->authentication_flag) {
apdu[curr] |= 1 << 4;
}
if (wrapper->do_not_unwrap_flag) {
apdu[curr] |= 1 << 3;
}
if (wrapper->do_not_decrypt_flag) {
apdu[curr] |= 1 << 2;
}
if (wrapper->non_trusted_source_flag) {
apdu[curr] |= 1 << 1;
}
if (wrapper->secured_by_router_flag) {
apdu[curr] |= 1;
}
curr++;
/* basic integrity checks */
if (wrapper->do_not_decrypt_flag && !wrapper->do_not_unwrap_flag) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
if (!wrapper->encrypted_flag && wrapper->do_not_decrypt_flag) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
/* key */
apdu[curr++] = wrapper->key_revision;
curr += encode_unsigned16(&apdu[curr], wrapper->key_identifier);
/* find appropriate key */
key.key_identifier = wrapper->key_identifier;
res = bacnet_find_key(wrapper->key_revision, &key);
if (res != SEC_RESP_SUCCESS) {
return -res;
}
/* source device instance */
curr += encode_unsigned24(&apdu[curr], wrapper->source_device_instance);
/* message id */
curr += encode_unsigned32(&apdu[curr], wrapper->message_id);
/* timestamp */
curr += encode_unsigned32(&apdu[curr], wrapper->timestamp);
/* begin encryption starting from destination device instance */
enc_begin = curr;
/* destination device instance */
curr +=
encode_unsigned24(&apdu[curr], wrapper->destination_device_instance);
/* dst address */
curr += encode_unsigned16(&apdu[curr], wrapper->dnet);
apdu[curr++] = wrapper->dlen;
memcpy(&apdu[curr], wrapper->dadr, wrapper->dlen);
curr += wrapper->dlen;
/* src address */
curr += encode_unsigned16(&apdu[curr], wrapper->snet);
apdu[curr++] = wrapper->slen;
memcpy(&apdu[curr], wrapper->sadr, wrapper->slen);
curr += wrapper->slen;
/* authentication */
if (wrapper->authentication_flag) {
apdu[curr++] = wrapper->authentication_mechanism;
/* authentication data */
curr += encode_unsigned16(&apdu[curr], wrapper->user_id);
apdu[curr++] = wrapper->user_role;
if ((wrapper->authentication_mechanism >= 1) &&
(wrapper->authentication_mechanism <= 199)) {
curr += encode_unsigned16(
&apdu[curr], wrapper->authentication_data_length + 5);
memcpy(&apdu[curr], wrapper->authentication_data,
wrapper->authentication_data_length);
curr += wrapper->authentication_data_length;
} else if (wrapper->authentication_mechanism >= 200) {
curr += encode_unsigned16(
&apdu[curr], wrapper->authentication_data_length + 7);
curr += encode_unsigned16(&apdu[curr], wrapper->vendor_id);
memcpy(&apdu[curr], wrapper->authentication_data,
wrapper->authentication_data_length);
curr += wrapper->authentication_data_length;
}
}
memcpy(&apdu[curr], wrapper->service_data, wrapper->service_data_len);
curr += wrapper->service_data_len;
/* signature calculation */
key_sign_msg(&key, &apdu[-bytes_before], (uint32_t)(bytes_before + curr),
wrapper->signature);
/* padding and encryption */
if (wrapper->encrypted_flag) {
/* set encryption flag, signing is done */
apdu[0] |= 1 << 6;
/* handle padding */
key_set_padding(
&key, curr - enc_begin, &wrapper->padding_len, wrapper->padding);
if (wrapper->padding_len > 2) {
memcpy(&apdu[curr], wrapper->padding, wrapper->padding_len - 2);
curr += wrapper->padding_len - 2;
}
curr += encode_unsigned16(&apdu[curr], wrapper->padding_len);
/* encryption */
key_encrypt_msg(&key, &apdu[enc_begin], (uint32_t)(curr - enc_begin),
wrapper->signature);
}
memcpy(&apdu[curr], wrapper->signature, SIGNATURE_LEN);
curr += SIGNATURE_LEN;
// return curr;
// }
return curr;
}
#endif
int encode_challenge_request(uint8_t *apdu, BACNET_CHALLENGE_REQUEST *bc_req)
{
@@ -375,114 +378,117 @@ int encode_set_master_key(uint8_t *apdu, BACNET_SET_MASTER_KEY *set_master_key)
return encode_key_entry(apdu, &set_master_key->key);
}
// int decode_security_wrapper_safe(int bytes_before,
// uint8_t *apdu,
// uint32_t apdu_len_remaining,
// BACNET_SECURITY_WRAPPER *wrapper)
// {
// int curr = 0;
// int enc_begin = 0;
// int real_len = (int)(apdu_len_remaining - SIGNATURE_LEN);
// BACNET_KEY_ENTRY key;
// BACNET_SECURITY_RESPONSE_CODE res = SEC_RESP_SUCCESS;
#if 0
/* FIXME: please fix? */
int decode_security_wrapper_safe(int bytes_before,
uint8_t *apdu,
uint32_t apdu_len_remaining,
BACNET_SECURITY_WRAPPER *wrapper)
{
int curr = 0;
int enc_begin = 0;
int real_len = (int)(apdu_len_remaining - SIGNATURE_LEN);
BACNET_KEY_ENTRY key;
BACNET_SECURITY_RESPONSE_CODE res = SEC_RESP_SUCCESS;
// if (apdu_len_remaining < 40) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// wrapper->payload_net_or_bvll_flag = ((apdu[curr] & (1 << 7)) != 0);
// wrapper->encrypted_flag = ((apdu[curr] & (1 << 6)) != 0);
// wrapper->authentication_flag = ((apdu[curr] & (1 << 4)) != 0);
// wrapper->do_not_unwrap_flag = ((apdu[curr] & (1 << 3)) != 0);
// wrapper->do_not_decrypt_flag = ((apdu[curr] & (1 << 2)) != 0);
// wrapper->non_trusted_source_flag = ((apdu[curr] & (1 << 1)) != 0);
// wrapper->secured_by_router_flag = ((apdu[curr] & 1) != 0);
// /* basic integrity checks */
// if (wrapper->do_not_decrypt_flag && !wrapper->do_not_unwrap_flag) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// if (!wrapper->encrypted_flag && wrapper->do_not_decrypt_flag) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// /* remove encryption flag for signature validation */
// apdu[curr] &= ~((uint8_t)(1 << 6));
// curr++;
// /* key */
// wrapper->key_revision = apdu[curr++];
// curr += decode_unsigned16(&apdu[curr], &wrapper->key_identifier);
// /* find appropriate key */
// key.key_identifier = wrapper->key_identifier;
// res = bacnet_find_key(wrapper->key_revision, &key);
// if (res != SEC_RESP_SUCCESS) {
// return -res;
// }
// /* source device instance */
// curr += decode_unsigned24(&apdu[curr], &wrapper->source_device_instance);
// /* message id */
// curr += decode_unsigned32(&apdu[curr], &wrapper->message_id);
// /* timestamp */
// curr += decode_unsigned32(&apdu[curr], &wrapper->timestamp);
// /* begin decryption starting from destination device instance */
// enc_begin = curr;
// /* read signature */
// memcpy(wrapper->signature, &apdu[real_len], SIGNATURE_LEN);
// if (wrapper->encrypted_flag) {
// if (!key_decrypt_msg(&key, &apdu[enc_begin],
// (uint32_t)(real_len - enc_begin), wrapper->signature)) {
// return -SEC_RESP_MALFORMED_MESSAGE;
// }
// curr += decode_unsigned16(&apdu[real_len - 2],
// &wrapper->padding_len); real_len -= wrapper->padding_len;
// memcpy(wrapper->padding, &apdu[wrapper->padding_len],
// wrapper->padding_len - 2);
// }
// /* destination device instance */
// curr +=
// decode_unsigned24(&apdu[curr],
// &wrapper->destination_device_instance);
// /* dst address */
// curr += decode_unsigned16(&apdu[curr], &wrapper->dnet);
// wrapper->dlen = apdu[curr++];
// memcpy(wrapper->dadr, &apdu[curr], wrapper->dlen);
// curr += wrapper->dlen;
// /* src address */
// curr += decode_unsigned16(&apdu[curr], &wrapper->snet);
// wrapper->slen = apdu[curr++];
// memcpy(wrapper->sadr, &apdu[curr], wrapper->slen);
// curr += wrapper->slen;
// /* authentication */
// if (wrapper->authentication_flag) {
// wrapper->authentication_mechanism = apdu[curr++];
// /* authentication data */
// curr += decode_unsigned16(&apdu[curr], &wrapper->user_id);
// wrapper->user_role = apdu[curr++];
// if ((wrapper->authentication_mechanism >= 1) &&
// (wrapper->authentication_mechanism <= 199)) {
// curr += decode_unsigned16(
// &apdu[curr], &wrapper->authentication_data_length);
// wrapper->authentication_data_length -= 5;
// memcpy(wrapper->authentication_data, &apdu[curr],
// wrapper->authentication_data_length);
// curr += wrapper->authentication_data_length;
// } else if (wrapper->authentication_mechanism >= 200) {
// curr += decode_unsigned16(
// &apdu[curr], &wrapper->authentication_data_length);
// wrapper->authentication_data_length -= 7;
// curr += decode_unsigned16(&apdu[curr], &wrapper->vendor_id);
// memcpy(wrapper->authentication_data, &apdu[curr],
// wrapper->authentication_data_length);
// curr += wrapper->authentication_data_length;
// }
// }
// wrapper->service_data_len = (uint16_t)(real_len - curr);
// memcpy(wrapper->service_data, &apdu[curr], wrapper->service_data_len);
// curr += wrapper->service_data_len;
// if (!key_verify_sign_msg(&key, &apdu[-bytes_before],
// (uint32_t)(bytes_before + real_len), wrapper->signature)) {
// return -SEC_RESP_BAD_SIGNATURE;
// }
if (apdu_len_remaining < 40) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
wrapper->payload_net_or_bvll_flag = ((apdu[curr] & (1 << 7)) != 0);
wrapper->encrypted_flag = ((apdu[curr] & (1 << 6)) != 0);
wrapper->authentication_flag = ((apdu[curr] & (1 << 4)) != 0);
wrapper->do_not_unwrap_flag = ((apdu[curr] & (1 << 3)) != 0);
wrapper->do_not_decrypt_flag = ((apdu[curr] & (1 << 2)) != 0);
wrapper->non_trusted_source_flag = ((apdu[curr] & (1 << 1)) != 0);
wrapper->secured_by_router_flag = ((apdu[curr] & 1) != 0);
/* basic integrity checks */
if (wrapper->do_not_decrypt_flag && !wrapper->do_not_unwrap_flag) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
if (!wrapper->encrypted_flag && wrapper->do_not_decrypt_flag) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
/* remove encryption flag for signature validation */
apdu[curr] &= ~((uint8_t)(1 << 6));
curr++;
/* key */
wrapper->key_revision = apdu[curr++];
curr += decode_unsigned16(&apdu[curr], &wrapper->key_identifier);
/* find appropriate key */
key.key_identifier = wrapper->key_identifier;
res = bacnet_find_key(wrapper->key_revision, &key);
if (res != SEC_RESP_SUCCESS) {
return -res;
}
/* source device instance */
curr += decode_unsigned24(&apdu[curr], &wrapper->source_device_instance);
/* message id */
curr += decode_unsigned32(&apdu[curr], &wrapper->message_id);
/* timestamp */
curr += decode_unsigned32(&apdu[curr], &wrapper->timestamp);
/* begin decryption starting from destination device instance */
enc_begin = curr;
/* read signature */
memcpy(wrapper->signature, &apdu[real_len], SIGNATURE_LEN);
if (wrapper->encrypted_flag) {
if (!key_decrypt_msg(&key, &apdu[enc_begin],
(uint32_t)(real_len - enc_begin), wrapper->signature)) {
return -SEC_RESP_MALFORMED_MESSAGE;
}
curr += decode_unsigned16(&apdu[real_len - 2],
&wrapper->padding_len); real_len -= wrapper->padding_len;
memcpy(wrapper->padding, &apdu[wrapper->padding_len],
wrapper->padding_len - 2);
}
/* destination device instance */
curr +=
decode_unsigned24(&apdu[curr],
&wrapper->destination_device_instance);
/* dst address */
curr += decode_unsigned16(&apdu[curr], &wrapper->dnet);
wrapper->dlen = apdu[curr++];
memcpy(wrapper->dadr, &apdu[curr], wrapper->dlen);
curr += wrapper->dlen;
/* src address */
curr += decode_unsigned16(&apdu[curr], &wrapper->snet);
wrapper->slen = apdu[curr++];
memcpy(wrapper->sadr, &apdu[curr], wrapper->slen);
curr += wrapper->slen;
/* authentication */
if (wrapper->authentication_flag) {
wrapper->authentication_mechanism = apdu[curr++];
/* authentication data */
curr += decode_unsigned16(&apdu[curr], &wrapper->user_id);
wrapper->user_role = apdu[curr++];
if ((wrapper->authentication_mechanism >= 1) &&
(wrapper->authentication_mechanism <= 199)) {
curr += decode_unsigned16(
&apdu[curr], &wrapper->authentication_data_length);
wrapper->authentication_data_length -= 5;
memcpy(wrapper->authentication_data, &apdu[curr],
wrapper->authentication_data_length);
curr += wrapper->authentication_data_length;
} else if (wrapper->authentication_mechanism >= 200) {
curr += decode_unsigned16(
&apdu[curr], &wrapper->authentication_data_length);
wrapper->authentication_data_length -= 7;
curr += decode_unsigned16(&apdu[curr], &wrapper->vendor_id);
memcpy(wrapper->authentication_data, &apdu[curr],
wrapper->authentication_data_length);
curr += wrapper->authentication_data_length;
}
}
wrapper->service_data_len = (uint16_t)(real_len - curr);
memcpy(wrapper->service_data, &apdu[curr], wrapper->service_data_len);
curr += wrapper->service_data_len;
if (!key_verify_sign_msg(&key, &apdu[-bytes_before],
(uint32_t)(bytes_before + real_len), wrapper->signature)) {
return -SEC_RESP_BAD_SIGNATURE;
}
// return curr;
// }
return curr;
}
#endif
int decode_challenge_request_safe(uint8_t *apdu,
uint32_t apdu_len_remaining,
src/bacnet/datalink/bvlc.c
+2 -2
View File
@@ -661,7 +661,7 @@ int bvlc_broadcast_distribution_table_decode(uint8_t *apdu,
if (len > apdu_len) {
return BACNET_STATUS_REJECT;
}
octetstring_copy_value(&bdt_entry->dest_address.address[0],
(void)octetstring_copy_value(&bdt_entry->dest_address.address[0],
IP_ADDRESS_MAX, &octet_string);
/* host [0] BACnetHostAddress - closing */
if (!decode_is_closing_tag_number(&apdu[len++], 0)) {
@@ -721,7 +721,7 @@ int bvlc_broadcast_distribution_table_decode(uint8_t *apdu,
if (len > apdu_len) {
return BACNET_STATUS_REJECT;
}
octetstring_copy_value(&bdt_entry->broadcast_mask.address[0],
(void)octetstring_copy_value(&bdt_entry->broadcast_mask.address[0],
IP_ADDRESS_MAX, &octet_string);
bdt_entry->valid = true;
/* next entry */
src/bacnet/datalink/cobs.c
+1 -1
View File
@@ -193,7 +193,7 @@ size_t cobs_frame_encode(
* Prepare the Encoded CRC-32K field for transmission.
*/
crc32K = ~crc32K;
cobs_crc32k_encode(crc_buffer, sizeof(crc_buffer), crc32K);
(void)cobs_crc32k_encode(crc_buffer, sizeof(crc_buffer), crc32K);
cobs_crc_len = cobs_encode((uint8_t *)(buffer + cobs_data_len),
buffer_size - cobs_data_len, crc_buffer, sizeof(crc_buffer),
MSTP_PREAMBLE_X55);