Bugfix/deprecate decode tag number and value (#481)

* added or updated secure the BACnet primitive value decoders - the core codecs - named bacnet_x_decode(), bacnet_x_application_decode() and bacnet_x_context_decode where x is one of the 13 BACnet primitive value names. The updated API includes an APDU size to prevent over-reading of an APDU buffer while decoding. Improved or added unit test code coverage for the BACnet primitive value decoders. * marked the insecure decoding API as 'deprecated' which is defined in src/bacnet/basic/sys/platform.h and can be disabled during a build. * added secure decoders for BACnetTimeValue, BACnetHostNPort, BACnetTimeStamp, BACnetAddress, and Weekly_Schedule and improved unit test code coverage. * improved test code coverage for BACnet objects and properties. * secured AtomicReadFile and AtomicWriteFile service decoders and improved unit test code coverage. * secured BACnet Error service decoder and improved unit test code coverage. --------- Co-authored-by: Steve Karg <skarg@users.sourceforge.net>
2023-09-08 11:39:27 -05:00
parent bc8c261153
commit f641aacddb
67 changed files with 6103 additions and 3145 deletions
@@ -39,90 +39,151 @@

 /** @file bacerror.c  Encode/Decode BACnet Errors */

-/* encode service */
+/**
+ * @brief Encodes BACnet Error class and code values into a PDU
+ *  From clause 21. FORMAL DESCRIPTION OF APPLICATION PROTOCOL DATA UNITS
+ * 
+ *      Error ::= SEQUENCE {
+ *          -- NOTE: The valid combinations of error-class and error-code 
+ *          -- are defined in Clause 18.
+ *          error-class ENUMERATED,
+ *          error-code ENUMERATED
+ *      }
+ * 
+ * @param apdu - buffer for the data to be encoded, or NULL for length
+ * @param invoke_id - invokeID to be encoded
+ * @param service - BACnet service to be encoded
+ * @param error_class - #BACNET_ERROR_CLASS value to be encoded
+ * @param error_code - #BACNET_ERROR_CODE value to be encoded
+ * @return number of bytes encoded
+ */
 int bacerror_encode_apdu(uint8_t *apdu,
    uint8_t invoke_id,
    BACNET_CONFIRMED_SERVICE service,
    BACNET_ERROR_CLASS error_class,
    BACNET_ERROR_CODE error_code)
 {
-    int apdu_len = 0; /* total length of the apdu, return value */
+    /* length of the specific element of the PDU */
+    int len = 0;
+    /* total length of the apdu, return value */
+    int apdu_len = 0; 

    if (apdu) {
        apdu[0] = PDU_TYPE_ERROR;
        apdu[1] = invoke_id;
        apdu[2] = service;
-        apdu_len = 3;
-        /* service parameters */
-        apdu_len += encode_application_enumerated(&apdu[apdu_len], error_class);
-        apdu_len += encode_application_enumerated(&apdu[apdu_len], error_code);
    }
+    len = 3;
+    apdu_len = len;
+    if (apdu) {
+        apdu += len;
+    }
+    /* service parameters */
+    len = encode_application_enumerated(apdu, error_class);
+    apdu_len += len;
+    if (apdu) {
+        apdu += len;
+    }
+    len = encode_application_enumerated(apdu, error_code);
+    apdu_len += len;

    return apdu_len;
 }

 #if !BACNET_SVC_SERVER
-/* decode the application class and code */
+/**
+ * @brief Decodes from bytes a BACnet Error service APDU
+ *  From clause 21. FORMAL DESCRIPTION OF APPLICATION PROTOCOL DATA UNITS
+ * 
+ *  Error ::= SEQUENCE {
+ *      -- NOTE: The valid combinations of error-class and error-code 
+ *      -- are defined in Clause 18.
+ *      error-class ENUMERATED,
+ *      error-code ENUMERATED
+ *  }
+ *
+ * @param apdu - buffer of data to be decoded
+ * @param apdu_size - number of bytes in the buffer
+ * @param error_class - decoded #BACNET_ERROR_CLASS value
+ * @param error_code - decoded #BACNET_ERROR_CODE value
+ *
+ * @return number of bytes decoded, or #BACNET_STATUS_ERROR (-1) if malformed
+ */
 int bacerror_decode_error_class_and_code(uint8_t *apdu,
-    unsigned apdu_len,
+    unsigned apdu_size,
    BACNET_ERROR_CLASS *error_class,
    BACNET_ERROR_CODE *error_code)
 {
-    int len = 0;
-    uint8_t tag_number = 0;
-    uint32_t len_value_type = 0;
+    int apdu_len = 0;
+    int tag_len = 0;
    uint32_t decoded_value = 0;

-    if (apdu && apdu_len) {
+    if (apdu) {
        /* error class */
-        len += decode_tag_number_and_value(
-            &apdu[len], &tag_number, &len_value_type);
-        if (tag_number != BACNET_APPLICATION_TAG_ENUMERATED) {
-            return 0;
+        tag_len = bacnet_enumerated_application_decode(
+            &apdu[apdu_len], apdu_size-apdu_len, &decoded_value);
+        if (tag_len <= 0) {
+            return BACNET_STATUS_ERROR;
        }
-        len += decode_enumerated(&apdu[len], len_value_type, &decoded_value);
        if (error_class) {
            *error_class = (BACNET_ERROR_CLASS)decoded_value;
        }
+        apdu_len += tag_len;
        /* error code */
-        len += decode_tag_number_and_value(
-            &apdu[len], &tag_number, &len_value_type);
-        if (tag_number != BACNET_APPLICATION_TAG_ENUMERATED) {
-            return 0;
+        tag_len = bacnet_enumerated_application_decode(
+            &apdu[apdu_len], apdu_size - apdu_len, &decoded_value);
+        if (tag_len <= 0) {
+            return BACNET_STATUS_ERROR;
        }
-        len += decode_enumerated(&apdu[len], len_value_type, &decoded_value);
        if (error_code) {
            *error_code = (BACNET_ERROR_CODE)decoded_value;
        }
+        apdu_len += tag_len;
    }

-    return len;
+    return apdu_len;
 }

-/* decode the service request only */
+/**
+ * @brief Decodes from bytes a BACnet Error service
+ * @param apdu - buffer of data to be decoded
+ * @param apdu_size - number of bytes in the buffer
+ * @param invoke_id - decoded invokeID
+ * @param service - decoded BACnet service
+ * @param error_class - decoded #BACNET_ERROR_CLASS value
+ * @param error_code - decoded #BACNET_ERROR_CODE value
+ *
+ * @return number of bytes decoded, or #BACNET_STATUS_ERROR (-1) if malformed
+ */
 int bacerror_decode_service_request(uint8_t *apdu,
-    unsigned apdu_len,
+    unsigned apdu_size,
    uint8_t *invoke_id,
    BACNET_CONFIRMED_SERVICE *service,
    BACNET_ERROR_CLASS *error_class,
    BACNET_ERROR_CODE *error_code)
 {
+    int apdu_len = BACNET_STATUS_ERROR;
    int len = 0;

-    if (apdu && apdu_len > 2) {
+    if (apdu && (apdu_size > 2)) {
        if (invoke_id) {
            *invoke_id = apdu[0];
        }
        if (service) {
            *service = (BACNET_CONFIRMED_SERVICE)apdu[1];
        }
-	len += 2;
-
+        len = 2;
+        apdu_len = len;
        /* decode the application class and code */
-        len += bacerror_decode_error_class_and_code(
-            &apdu[2], apdu_len - 2, error_class, error_code);
+        len = bacerror_decode_error_class_and_code(
+            &apdu[apdu_len], apdu_size - apdu_len, error_class, error_code);
+        if (len > 0) {
+            apdu_len += len;
+        } else {
+            apdu_len = BACNET_STATUS_ERROR;
+        }
    }

-    return len;
+    return apdu_len;
 }
 #endif