Changes to address issues brought up by the security review.
This commit is contained in:
Juan Carlos Luciani
@@ -390,9 +390,9 @@ CChannel::connectionThread(
|
||||
{
|
||||
CChannel *pCChannel = *pSmartCChannel;
|
||||
bool doneReceivingData = false;
|
||||
int32_t bytesReceived;
|
||||
size_t bytesReceived;
|
||||
uint32_t reqId;
|
||||
int32_t payloadLength;
|
||||
uint32_t payloadLength;
|
||||
unsigned long totalPayloadBytesReceived = 0;
|
||||
char reqDataPktHdr[ReqDataPktHdrTemplate.length()];
|
||||
char *pRecvBuff;
|
||||
@@ -747,7 +747,7 @@ CChannel::submitReq(
|
||||
uint32_t reqId,
|
||||
ClientReq &clientReq,
|
||||
char *pClientData,
|
||||
int32_t clientDataLen)
|
||||
uint32_t clientDataLen)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
|
||||
@@ -222,7 +222,7 @@ public:
|
||||
int submitReq(uint32_t reqId,
|
||||
ClientReq &clientReq,
|
||||
char *pClientData,
|
||||
int32_t clientDataLen);
|
||||
uint32_t clientDataLen);
|
||||
|
||||
//
|
||||
// Remove Request routine
|
||||
@@ -237,30 +237,6 @@ public:
|
||||
//
|
||||
void removeReq(uint32_t reqId);
|
||||
|
||||
//
|
||||
// Send Data routine
|
||||
//
|
||||
// Parameters:
|
||||
// reqId (input) -
|
||||
// Id of the Request.
|
||||
//
|
||||
// pClientData (input) -
|
||||
// Pointer to client data that must be sent to
|
||||
// the server. Buffer is NEVER released
|
||||
// by the procedure.
|
||||
//
|
||||
// clientDataLen (input) -
|
||||
// Length of the client data.
|
||||
//
|
||||
//
|
||||
// Abstract: Sends data to the server for a previously
|
||||
// submitted Request.
|
||||
//
|
||||
// Returns: 0 if successful.
|
||||
//
|
||||
int sendData(uint32_t reqId,
|
||||
char *pClientData,
|
||||
int clientDataLen);
|
||||
};
|
||||
typedef SmartPtr<CChannel> SmartCChannel;
|
||||
|
||||
|
||||
@@ -152,22 +152,36 @@ IpcClientOpenUnixRemoteEndPoint(
|
||||
pSocketFileName));
|
||||
|
||||
// Allocate a handle for the endpoint
|
||||
uint32_t handle = remoteEndPointHandleAllocator ++;
|
||||
uint32_t handle = remoteEndPointHandleAllocator + 1;
|
||||
|
||||
// Insert the new RemoteEndPoint into the REP map
|
||||
REPIterBoolPair insertResult;
|
||||
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
|
||||
if (!insertResult.second)
|
||||
// Protect against wrap-around
|
||||
if (handle != 0)
|
||||
{
|
||||
// Insertion failed
|
||||
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
// Insert the new RemoteEndPoint into the REP map
|
||||
REPIterBoolPair insertResult;
|
||||
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
|
||||
if (!insertResult.second)
|
||||
{
|
||||
// Insertion failed
|
||||
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
}
|
||||
else
|
||||
{
|
||||
// RemoteEndPoint inserted in the REP map, success.
|
||||
//
|
||||
// Consume the allocated handle
|
||||
remoteEndPointHandleAllocator ++;
|
||||
*pEndPointHandle = handle;
|
||||
|
||||
retStatus = 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// RemoteEndPoint inserted in the REP map, success.
|
||||
*pEndPointHandle = handle;
|
||||
retStatus = 0;
|
||||
// Handle allocator wrap-around prevented
|
||||
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Handle allocator wrap-around prevented\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
}
|
||||
} catch (...) {
|
||||
DbgTrace(0, "IpcClientOpenUnixRemoteEndPoint- Exception caught\n", 0);
|
||||
@@ -254,22 +268,35 @@ IpcClientOpenInetRemoteEndPoint(
|
||||
address));
|
||||
|
||||
// Allocate a handle for the endpoint
|
||||
uint32_t handle = remoteEndPointHandleAllocator ++;
|
||||
uint32_t handle = remoteEndPointHandleAllocator + 1;
|
||||
|
||||
// Insert the new RemoteEndPoint into the REP map
|
||||
REPIterBoolPair insertResult;
|
||||
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
|
||||
if (!insertResult.second)
|
||||
// Protect against wrap-around
|
||||
if (handle != 0)
|
||||
{
|
||||
// Insertion failed
|
||||
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
// Insert the new RemoteEndPoint into the REP map
|
||||
REPIterBoolPair insertResult;
|
||||
insertResult = repMap.insert(make_pair(handle, pSmartRemoteEndPoint));
|
||||
if (!insertResult.second)
|
||||
{
|
||||
// Insertion failed
|
||||
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Unable to insert RemoteEndPoint into REP\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
}
|
||||
else
|
||||
{
|
||||
// RemoteEndPoint inserted in the REP map, success.
|
||||
//
|
||||
// Consume the allocated handle
|
||||
remoteEndPointHandleAllocator ++;
|
||||
*pEndPointHandle = handle;
|
||||
retStatus = 0;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// RemoteEndPoint inserted in the REP map, success.
|
||||
*pEndPointHandle = handle;
|
||||
retStatus = 0;
|
||||
// Handle allocator wrap-around prevented
|
||||
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Handle allocator wrap-around prevented\n", 0);
|
||||
delete pSmartRemoteEndPoint;
|
||||
}
|
||||
} catch (...) {
|
||||
DbgTrace(0, "IpcClientOpenInetRemoteEndPoint- Exception caught\n", 0);
|
||||
@@ -366,9 +393,9 @@ int
|
||||
IpcClientSubmitReq(
|
||||
IN uint32_t endPointHandle,
|
||||
IN char *pClientData,
|
||||
IN int32_t clientDataLen,
|
||||
IN uint32_t clientDataLen,
|
||||
INOUT char **ppServerData,
|
||||
INOUT int32_t *pServerDataLen)
|
||||
INOUT uint32_t *pServerDataLen)
|
||||
//
|
||||
// Arguments In: endPointHandle - Handle of the remote endpoint that will
|
||||
// be the target of the request.
|
||||
|
||||
@@ -142,7 +142,7 @@ ClientReq::~ClientReq(void)
|
||||
void
|
||||
ClientReq::processServerData(
|
||||
char *pServerData,
|
||||
int32_t serverDataLength)
|
||||
uint32_t serverDataLength)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
@@ -230,7 +230,7 @@ ClientReq::processError(void)
|
||||
int
|
||||
ClientReq::waitForCompletion(
|
||||
char **ppResponseData,
|
||||
int32_t *pResponseDataLength)
|
||||
uint32_t *pResponseDataLength)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
|
||||
@@ -52,7 +52,7 @@ class ClientReq
|
||||
|
||||
// Server Data
|
||||
char *m_pServerData;
|
||||
int32_t m_serverDataLen;
|
||||
uint32_t m_serverDataLen;
|
||||
|
||||
// Flag indicating the state of the submitting
|
||||
// thread.
|
||||
@@ -114,7 +114,7 @@ public:
|
||||
// Returns: Nothing.
|
||||
//
|
||||
void processServerData(char *pServerData,
|
||||
int32_t serverDataLength);
|
||||
uint32_t serverDataLength);
|
||||
|
||||
//
|
||||
// Process Error routine
|
||||
@@ -147,7 +147,7 @@ public:
|
||||
// -1 == Request did not complete gracefully
|
||||
//
|
||||
int waitForCompletion(char **ppResponseData,
|
||||
int32_t *pResponseDataLength);
|
||||
uint32_t *pResponseDataLength);
|
||||
|
||||
//
|
||||
// Completion status
|
||||
|
||||
@@ -336,9 +336,9 @@ RemoteEndPoint::getCChannel(void)
|
||||
int
|
||||
RemoteEndPoint::submitReq(
|
||||
char *pClientData,
|
||||
int32_t clientDataLen,
|
||||
uint32_t clientDataLen,
|
||||
char **ppServerData,
|
||||
int32_t *pServerDataLen)
|
||||
uint32_t *pServerDataLen)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
|
||||
@@ -186,9 +186,9 @@ public:
|
||||
// Note: The routine blocks until the request completes.
|
||||
//
|
||||
int submitReq(char *pClientData,
|
||||
int32_t clientDataLen,
|
||||
uint32_t clientDataLen,
|
||||
char **ppServerData,
|
||||
int32_t *pServerDataLen);
|
||||
uint32_t *pServerDataLen);
|
||||
};
|
||||
typedef SmartPtr<RemoteEndPoint> SmartRemoteEndPoint;
|
||||
|
||||
|
||||
@@ -60,7 +60,7 @@ string ReqErrorPktHdrTemplate = "Type02\r\nReqIdHdr =XXXXXXXX\r\nPayloadLength
|
||||
int
|
||||
ChannelProto::buildReqDataPktHdr(
|
||||
uint32_t reqId,
|
||||
int32_t payloadLength,
|
||||
uint32_t payloadLength,
|
||||
char *pPktHdr)
|
||||
//
|
||||
// Arguments:
|
||||
@@ -133,7 +133,7 @@ ChannelProto::buildReqDataPktHdr(
|
||||
int
|
||||
ChannelProto::buildReqErrorPktHdr(
|
||||
uint32_t reqId,
|
||||
int32_t payloadLength,
|
||||
uint32_t payloadLength,
|
||||
char *pPktHdr)
|
||||
//
|
||||
// Arguments:
|
||||
@@ -281,7 +281,7 @@ ChannelProto::getReqIdAndPayloadLength(
|
||||
char *pBuff,
|
||||
int hdrLength,
|
||||
uint32_t *pReqId,
|
||||
int32_t *pPayloadLength)
|
||||
uint32_t *pPayloadLength)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
@@ -385,16 +385,16 @@ ChannelProto::getReqIdAndPayloadLength(
|
||||
|
||||
// Convert the value to hex
|
||||
errno = 0;
|
||||
long int value = strtol(pValue, NULL, 16);
|
||||
unsigned long int value = strtoul(pValue, NULL, 16);
|
||||
if (errno != 0
|
||||
|| value > INT32_MAX)
|
||||
|| value > UINT32_MAX)
|
||||
{
|
||||
DbgTrace(0, "ChannelProto::getReqIdAndPayloadLength- Invalid payloadLength value, %s\n", pValue);
|
||||
break;
|
||||
}
|
||||
|
||||
// Use the value
|
||||
*pPayloadLength = (int32_t) value;
|
||||
*pPayloadLength = (uint32_t) value;
|
||||
|
||||
// Undo the damage that we did
|
||||
*(pCurr-2) = '\r';
|
||||
|
||||
@@ -80,7 +80,7 @@ public:
|
||||
// Returns: 0 if successful.
|
||||
//
|
||||
static int buildReqDataPktHdr(uint32_t reqId,
|
||||
int32_t payloadLength,
|
||||
uint32_t payloadLength,
|
||||
char *pPktHdr);
|
||||
|
||||
//
|
||||
@@ -104,7 +104,7 @@ public:
|
||||
// Returns: 0 if successful.
|
||||
//
|
||||
static int buildReqErrorPktHdr(uint32_t reqId,
|
||||
int32_t payloadLength,
|
||||
uint32_t payloadLength,
|
||||
char *pPktHdr);
|
||||
|
||||
//
|
||||
@@ -148,7 +148,7 @@ public:
|
||||
static bool getReqIdAndPayloadLength(char *pBuff,
|
||||
int hdrLength,
|
||||
uint32_t *pReqId,
|
||||
int32_t *pPayloadLength);
|
||||
uint32_t *pPayloadLength);
|
||||
};
|
||||
|
||||
|
||||
|
||||
@@ -234,10 +234,10 @@ SChannel::connectionThread(
|
||||
{
|
||||
SChannel *pSChannel = *pSmartSChannel;
|
||||
bool doneReceivingData = false;
|
||||
int32_t bytesReceived;
|
||||
size_t bytesReceived;
|
||||
unsigned long bytesSent;
|
||||
uint32_t reqId;
|
||||
int32_t payloadLength;
|
||||
uint32_t payloadLength;
|
||||
unsigned long totalPayloadBytesReceived = 0;
|
||||
char reqDataPktHdr[ReqDataPktHdrTemplate.length()];
|
||||
char reqErrorPktHdr[ReqErrorPktHdrTemplate.length()];
|
||||
@@ -520,7 +520,7 @@ int
|
||||
SChannel::sendReplyData(
|
||||
uint32_t reqId,
|
||||
char *pServerData,
|
||||
int32_t serverDataLen)
|
||||
uint32_t serverDataLen)
|
||||
//
|
||||
// Arguments:
|
||||
//
|
||||
|
||||
@@ -150,7 +150,7 @@ public:
|
||||
//
|
||||
int sendReplyData(uint32_t reqId,
|
||||
char *pServerData,
|
||||
int32_t serverDataLen);
|
||||
uint32_t serverDataLen);
|
||||
|
||||
//
|
||||
// Send Reply Error routine
|
||||
|
||||
@@ -847,7 +847,7 @@ IpcServerGetRequestData(
|
||||
// L2
|
||||
//=======================================================================--
|
||||
{
|
||||
int32_t reqDataLen = 0;
|
||||
uint32_t reqDataLen = 0;
|
||||
|
||||
DbgTrace(1, "IpcServerGetRequestData- Start, requestId = %0X\n", requestId);
|
||||
|
||||
|
||||
@@ -61,7 +61,7 @@ ServerReq::ServerReq(
|
||||
SChannel *pSChannel,
|
||||
uint32_t reqId,
|
||||
char *pClientData,
|
||||
int32_t clientDataLength) :
|
||||
uint32_t clientDataLength) :
|
||||
|
||||
m_signature (SERVER_REQ_SIGNATURE),
|
||||
m_reqId (reqId),
|
||||
@@ -125,7 +125,7 @@ ServerReq::~ServerReq(void)
|
||||
|
||||
|
||||
//++=======================================================================
|
||||
int
|
||||
uint32_t
|
||||
ServerReq::getReqData(
|
||||
char **ppClientData)
|
||||
//
|
||||
|
||||
@@ -58,7 +58,7 @@ class ServerReq
|
||||
|
||||
// Request Client Data
|
||||
char *m_pClientData;
|
||||
int32_t m_clientDataLength;
|
||||
uint32_t m_clientDataLength;
|
||||
|
||||
public:
|
||||
|
||||
@@ -90,7 +90,7 @@ public:
|
||||
ServerReq(SChannel *pSChannel,
|
||||
uint32_t reqId,
|
||||
char *pClientData,
|
||||
int32_t clientDataLength);
|
||||
uint32_t clientDataLength);
|
||||
|
||||
//
|
||||
// Get request Data routine
|
||||
@@ -105,7 +105,7 @@ public:
|
||||
//
|
||||
// Returns: The length of the client request data. 0 if not successful.
|
||||
//
|
||||
int getReqData(char **ppClientData);
|
||||
uint32_t getReqData(char **ppClientData);
|
||||
|
||||
//
|
||||
// Complete Request routine
|
||||
|
||||
Reference in New Issue
Block a user