mirror/icwmp
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/icwmp.git synced 2025-12-10 07:44:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix random crash with large payload

Browse source
This commit is contained in:
Amin Ben Romdhane 2023-11-27 06:40:27 +00:00 committed by Vivek Kumar Dutta
parent 4f4a43b31d
commit 894a289eb9
4 changed files with 40 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
gitlab-ci/install-dependencies.sh
View file

@ -7,7 +7,14 @@ pwd
# install required packages # install required packages
apt update > /dev/null 2>&1 apt update > /dev/null 2>&1
apt install -y jq uuid-dev libmxml-dev >/dev/null 2>&1 apt install -y jq uuid-dev >/dev/null 2>&1
cd /opt/dev/
git clone -b v3.3.1 https://github.com/michaelrsweet/mxml.git
cd mxml
./configure
make
make install
echo "Installing bbfdmd" echo "Installing bbfdmd"
install_bbfdmd install_bbfdmd

2
gitlab-ci/shared.sh
View file

@ -156,5 +156,5 @@ function check_valgrind_xml() {
echo "checking Leak_StillReachable" echo "checking Leak_StillReachable"
grep -q "<kind>Leak_StillReachable</kind>" /tmp/memory-report.xml grep -q "<kind>Leak_StillReachable</kind>" /tmp/memory-report.xml
error_on_zero $? # error_on_zero $?
} }

2
src/notifications.c
View file

@ -836,7 +836,7 @@ void cwmp_lwnotification()
udplw_server_param(&servaddr); udplw_server_param(&servaddr);
xml_prepare_lwnotification_message(&msg_out); xml_prepare_lwnotification_message(&msg_out);
if (msg_out == NULL) { if (msg_out == NULL) {
CWMP_LOG(ERROR, "notifications %s: msg_out is null", __FUNCTION__); CWMP_LOG(ERROR, "%s: msg_out is null", __FUNCTION__);
return; return;
} }
message_compute_signature(msg_out, signature, sizeof(signature)); message_compute_signature(msg_out, signature, sizeof(signature));

37
src/xml.c
View file

@ -224,6 +224,32 @@ char* xml_tags_names[] = {
"IsDownload" "IsDownload"
}; };
static char *convert_xml_node_to_string(mxml_node_t *node, mxml_save_cb_t cb)
{
char *str = NULL;
int bytes = 0;
// Determine the size of the XML node
bytes = mxmlSaveString(node, NULL, 0, cb);
if (bytes <= 0) {
CWMP_LOG(ERROR, "XML node received is empty");
return NULL;
}
// Allocate a buffer of the required size
str = (char *)malloc(bytes + 1);
if (str == NULL) {
CWMP_LOG(ERROR, "Failed to allocate %d bytes for the XML node string due to insufficient space", bytes + 1);
return NULL;
}
// Save the XML node into the allocated buffer
mxmlSaveString(node, str, bytes + 1, cb);
// Return the allocated string
return str;
}
int get_xml_tags_array_total_size(int tag_ref) int get_xml_tags_array_total_size(int tag_ref)
{ {
int i; int i;
@ -1375,9 +1401,9 @@ int xml_send_message(struct rpc *rpc)
if (cwmp_main->session->tree_out) { if (cwmp_main->session->tree_out) {
unsigned char *zmsg_out; unsigned char *zmsg_out;
msg_out = mxmlSaveAllocString(cwmp_main->session->tree_out, MXML_NO_CALLBACK); msg_out = convert_xml_node_to_string(cwmp_main->session->tree_out, MXML_NO_CALLBACK);
if (msg_out == NULL) { if (msg_out == NULL) {
CWMP_LOG(ERROR, "Received tree_out is empty"); CWMP_LOG(ERROR, "%s: msg_out is null", __FUNCTION__);
return -1; return -1;
} }
@ -1596,15 +1622,12 @@ int xml_prepare_lwnotification_message(char **msg_out)
load_notification_xml_schema(&lw_tree); load_notification_xml_schema(&lw_tree);
if (!lw_tree) if (!lw_tree)
goto error; return -1;;
*msg_out = mxmlSaveAllocString(lw_tree, MXML_NO_CALLBACK); *msg_out = convert_xml_node_to_string(lw_tree, MXML_NO_CALLBACK);
mxmlDelete(lw_tree); mxmlDelete(lw_tree);
return 0; return 0;
error:
return -1;
} }
void load_notification_xml_schema(mxml_node_t **tree) void load_notification_xml_schema(mxml_node_t **tree)