* Secured BACnetAssignedAccessRights decoder.
* Secured BACnetPropertyState decoder.
* Secured BACnetCredentialAuthenticationFactor decoder.
* Secured BACnetEventState change-of-state [1] SEQUENCE decoder.
* Secured I-Have-Request service decoder.
* Secured Add/Remove ListElement service request decoder.
* Secured ConfirmedPrivateTransfer-Request and UnconfirmedPrivateTransfer-Request decoders.
* Secured ReadPropertyMultiple-Request and -Ack decoders.
* Secured TimeSynchronization-Request decoder.
* Secured WritePropertyMultiple service decoders
* Secured Trend Log object TL_fetch_property() function.
* Secured ReadProperty-Ack decider,
* Refactor BACnet time sync recipient handling by moving timesync linked list structure into bacdest where the recipient encoder and decoder already existed.
* Secured decoding of BACnetPropertyState.
* Secured decoding in the LifeSafetyOperation-Request service.
* Secured BACnetAuthenticationFactor decoding in the Credential Data Input object.
* Fixed WriteProperty decoder to avoid read buffer overrun. Improved WriteProperty error reporting by adding specific reject codes during decoding similar to WritePropertyMultiple. Deduplicated the WriteProperty handling of abort, reject and error codes.
* Added BACNET_STACK_DEPRECATED_DISABLE guards around all of the deprecated decoding functions to ensure they are not used except intentionally for legacy code bases.
* Changed version to 1.5.0.rc5 for security fix tracking in branch.
* Added Who-Is-Router-To-Network process in basic Notification Class when recipient address is missing the router MAC address.
* Added buffer_length parameter to octet string buffer decode functions
* Fixed BACnet address handling for I-Am-Router address updating the recipient list address for the next hop router.
* Changed VMAC encoding and decoding to use octet string buffer API to reduce stack RAM.
* Added callback API for extending the basic Device object and children with proprietary properties for ReadProperty and WriteProperty services. The callback API includes a function to get the specific proprietary property list for any specific object instance in the device, functions to handle the ReadProperty or WriteProperty of the proprietary property.
* Added a new property_list_function typedef to proplist.h for proprietary property list callbacks
* Removed the object-specific proprietary property implementation from the Loop object
* Added test coverage in the Device test validating the proprietary property API usage
* Added CreateObject and DeleteObject for basic Accumulator objects.
* Added WriteProperty handling for object-name, scale, out-of-service, units, and max-pres-value.
When decoding the optional priority context tag in wp_decode_service_request(), the code passes apdu_len - apdu_size to bacnet_unsigned_context_decode instead of apdu_size - apdu_len. Similar typo in bacnet_action_command_decode().
* Fix stack buffer overflow in Schedule_Weekly_Schedule_Set
The memcpy was using sizeof(BACNET_WEEKLY_SCHEDULE) instead of
sizeof(BACNET_DAILY_SCHEDULE), causing it to read 6784 bytes from
a 968-byte source buffer, leading to stack buffer overflow and
segmentation fault in the test_schedule unit test.
This fixes the test_schedule test failure detected by ASAN:
ERROR: AddressSanitizer: stack-buffer-overflow on address ...
READ of size 6784 at 0x... partially underflows this variable
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Update src/bacnet/basic/object/schedule.c
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: kent.liu <kent.liu@designlibro.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Steve Karg <steve@kargs.net>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Added example Device object and property value backup using create-object list-of-initial-values and writable properties. Initiated using ReinitializeDevice with STARTBACKUP command. Added backup and restore required properties to the Device object.
* Fixed fwrite parameters in bacfile_posix_write_stream_data to return the correct number of bytes written.
* Added Device Management-Backup and Restore-B (DM-BR-B) conversion to Wireshark PCAP format command line utility in apps/dmbrcap which decodes and provides a view of the binary backup file.
* Added Send_UEvent_Notify_Device function for device-specific unconfirmed event notifications.
* Fixed event_notify_parse() loop index to start from zero.
* Added device ID binding support in the UEvent command-line application.
* Fixed the UEvent command-line application help output.
* Fixed initialization of event data in the UEvent command-line application by adding static CharacterString for message text and handling the failure case.
* Added Blink.Callback and Blink.Priority to support end-of-blink actions for WARN_OFF/WARN_RELINQUISH. The Blink.Callback is invoked when a blink sequence ends or when a new command interrupts a WARN_OFF/WARN_RELINQUISH in progress.
* Added Lighting Output (LO) WARN_OFF/WARN_RELINQUISH post-egress priority array handling using the Blink.Callback
* Fixed lighting output object lighting-commands for warn-off and warn-relinquish when blink-warn notification shall not occur.
* Fixed timer object task to initiate a write-request at expiration.
* Added channel and timer object write-property observers in blinkt app to monitor internal writes.
* Added vacancy timer command line argument in blinkt app for testing initial timer object vacancy time for lights channel.
* Changed apps to build at protocol-revision 28 to be able to use the lighting output special values by default.
* Fixed blinkt app server name and removed the device.c module which was no longer needed.
* Added debug prints for lighting-output object for present-value and lighting-command property values which may be out-of-range.
* Added API to get the RGB pixel and brightness values from the blinkt interface.
* Fixed Channel object for Color object present-value which does not use coercion.
* Added API to the color-RGB library to convert from ASCII CSS color name to X,Y and brightness.
* Converted the Blinkt example app to use the basic-server. Added a default color name command line option --color that accepts CSS color names. Set the color and brightness at startup.
* Added vacancy timer for lights using timer object defaulted to 30m and started at startup.
* Added enumeration text lookup for BACnetAuthenticationStatus, BACnetAuthorizationMode, BACnetAccessCredentialDisable, BACnetAccessCredentialDisableReason, BACnetAccessUserType, BACnetAccessZoneOccupancyState, BACnetWriteStatus, BACnetIPMode, BACnetDoorValue, BACnetMaintenance, BACnetEscalatorFault, BACnetEscalatorMode, BACnetEscalatorOperationDirection, BACnetBackupState, BACnetSecurityLevel, BACnetLiftCarDirection, BACnetLiftCarDoorCommand, BACnetLiftCarDriveStatus, BACnetLiftCarMode, BACnetLiftFault, BACnetLiftGroupMode, BACnetAuditLevel, BACnetAuditOperation, BACnetSCHubConnectorState, BACnetSCConnectionState, BACnetNodeRelationship, BACnetAction, BACnetFileAccessMethod, BACnetLockStatus, BACnetDoorAlarmState, BACnetDoorStatus, BACnetDoorSecuredStatus, and BACnetAccessEvent.
* Created BINARY_PV_MAX with the same semantic meaning as one more than the last valid enumeration, and deprecated MAX_BINARY_PV usage in the examples.
* Reduced code size by using bactext_property_states_strtoul() instead of individual API for each enumations.
Added a new API for writable property lists across all the basic example object types, preparing for the introduction of a Writable_Property_List property in every object in a future BACnet standard revision.
The lists can be used by backup and restore feature to automatically choose the object property values in the backup that can be restored via internal WriteProperty directly from BACnet CreateObject services with List of Initial Values.
Updated existing device object examples to include these writable property lists.
* Fixed lighting output object lighting-command last-on-value to only
be updated with the last value of the Present_Value property that
was greater than or equal to 1.0%, keeping in mind that the Present_Value
shall indicate the target level of the operation and not the current
value.
Fixes the CreateObject service list-of-initial-values encoding and decoding by refactoring the data structure to be similar to WriteProperty. The implementation changes from using a linked list of property values to using a flat buffer approach with delayed decoding.
Changes:
* Refactored BACNET_CREATE_OBJECT_DATA structure to use an application_data buffer instead of a linked list for initial values
* Added a new create_object_process() and create_object_initializer_list_process() functions to centralize object creation logic and error reporting
* Updated all device implementations to use the new centralized creation functions
* Enhanced the create-object example application to support command-line specification of initial property values
* Added comprehensive test coverage for the new encoding/decoding and processing functions
* Fixed BACnet file object path name unintended path traversals by optionally restricting path name content with BACNET_FILE_PATH_RESTRICTED define.
* Added POSIX file path name checking for AtomicReadFile and AtomicWriteFile example applications. Prohibits use of relative and absolute file paths when BACNET_FILE_PATH_RESTRICTED is non-zero.
* Fixed tokenizer_string() off-by-one buffer overflow when processing string literals longer than the buffer limit.
* Fixed ubasic potential string buffer overflows by using snprintf instead of sprintf.
* Fixed ubasic label strings to use UBASIC_LABEL_LEN_MAX as buffer limit.
* Fixed ubasic string variables to initialize with zeros.
* Fixed compile errors when UBASIC_DEBUG_STRINGVARIABLES is defined.
* Added ubasic string variables user accessor API and unit testing for ubasic string variables.
* Fixed tokenizer_label() off-by-one buffer overflow when processing string literals longer than the buffer limit.
* Fixed lighting-output object blink warn to honor blink-warn-enable.
* Fixed the blink warn logic for a non-zero percent value blink inhibit.
* Fixed the warn relinquish to actually relinquish.
Steve Karg