Skip to content

Commit 70a8730

Browse files
csolercsoler
authored
Merge pull request #254 from jolavillette/FixTLV
fix tlv
2 parents 6fa6a84 + 2f564a3 commit 70a8730

9 files changed

Lines changed: 80 additions & 4 deletions

File tree

src/serialiser/rstlvbase.cc

Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -223,6 +223,10 @@ bool GetTlvUInt32(void *data, uint32_t size, uint32_t *offset,
223223
uint16_t tlvtype = GetTlvType(tlvstart);
224224
uint32_t tlvsize = GetTlvSize(tlvstart);
225225

226+
/* check that there is size - SAFE CHECK */
227+
if (tlvsize > size || *offset > size - tlvsize)
228+
return false;
229+
226230
/* check that there is size */
227231
uint32_t tlvend = *offset + tlvsize;
228232
if (size < tlvend)
@@ -315,6 +319,10 @@ bool GetTlvUInt16(void *data, uint32_t size, uint32_t *offset,
315319
uint16_t tlvtype = GetTlvType(tlvstart);
316320
uint32_t tlvsize = GetTlvSize(tlvstart);
317321

322+
/* check that there is size - SAFE CHECK */
323+
if (tlvsize > size || *offset > size - tlvsize)
324+
return false;
325+
318326
/* check that there is size */
319327
uint32_t tlvend = *offset + tlvsize;
320328
if (size < tlvend)
@@ -425,6 +433,10 @@ bool GetTlvUInt64(void *data, uint32_t size, uint32_t *offset,
425433
uint16_t tlvtype = GetTlvType(tlvstart);
426434
uint32_t tlvsize = GetTlvSize(tlvstart);
427435

436+
/* check that there is size - SAFE CHECK */
437+
if (tlvsize > size || *offset > size - tlvsize)
438+
return false;
439+
428440
/* check that there is size */
429441
uint32_t tlvend = *offset + tlvsize;
430442
if (size < tlvend)
@@ -567,17 +579,17 @@ bool GetTlvString(const void *data, uint32_t size, uint32_t *offset,
567579
uint32_t tlvsize = GetTlvSize(tlvstart);
568580

569581
/* check that there is size */
570-
uint32_t tlvend = *offset + tlvsize;
571-
if (size < tlvend)
582+
if (tlvsize > size || *offset > size - tlvsize)
572583
{
573584
#ifdef TLV_BASE_DEBUG
574585
std::cerr << "GetTlvString() FAILED - not enough space" << std::endl;
575586
std::cerr << "GetTlvString() size: " << size << std::endl;
576587
std::cerr << "GetTlvString() tlvsize: " << tlvsize << std::endl;
577-
std::cerr << "GetTlvString() tlvend: " << tlvend << std::endl;
588+
std::cerr << "GetTlvString() offset: " << *offset << std::endl;
578589
#endif
579590
return false;
580591
}
592+
uint32_t tlvend = *offset + tlvsize;
581593

582594
if (type != tlvtype)
583595
{
@@ -863,6 +875,10 @@ bool GetTlvIpAddrPortV4(void *data, uint32_t size, uint32_t *offset,
863875
uint16_t tlvtype = GetTlvType(tlvstart);
864876
uint32_t tlvsize = GetTlvSize(tlvstart);
865877

878+
/* check that there is size - SAFE CHECK */
879+
if (tlvsize > size || *offset > size - tlvsize)
880+
return false;
881+
866882
/* check that there is size */
867883
uint32_t tlvend = *offset + tlvsize;
868884
if (size < tlvend)
@@ -961,6 +977,10 @@ bool GetTlvIpAddrPortV6(void *data, uint32_t size, uint32_t *offset,
961977
uint16_t tlvtype = GetTlvType(tlvstart);
962978
uint32_t tlvsize = GetTlvSize(tlvstart);
963979

980+
/* check that there is size - SAFE CHECK */
981+
if (tlvsize > size || *offset > size - tlvsize)
982+
return false;
983+
964984
/* check that there is size */
965985
uint32_t tlvend = *offset + tlvsize;
966986
if (size < tlvend)

src/serialiser/rstlvbinary.cc

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -144,6 +144,10 @@ bool RsTlvBinaryData::GetTlv(void *data, uint32_t size, uint32_t *offset)
144144

145145
uint16_t tlvtype_in = GetTlvType( &(((uint8_t *) data)[*offset]) );
146146
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
147+
/* check that there is size */
148+
if (tlvsize > size || *offset > size - tlvsize)
149+
return false; /* not enough space */
150+
147151
uint32_t tlvend = *offset + tlvsize;
148152

149153
if (size < tlvend) /* check size */
@@ -273,6 +277,11 @@ bool RsTlvBinaryDataRef::GetTlv(void *data, uint32_t size, uint32_t *offset)
273277

274278
uint16_t tlvtype_in = GetTlvType( &(((uint8_t *) data)[*offset]) );
275279
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
280+
281+
/* check that there is size */
282+
if (tlvsize > size || *offset > size - tlvsize)
283+
return false; /* not enough space */
284+
276285
uint32_t tlvend = *offset + tlvsize;
277286

278287
if (size < tlvend) /* check size */

src/serialiser/rstlvfileitem.cc

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -266,6 +266,11 @@ bool RsTlvFileItem::GetTlv(void *data, uint32_t size, uint32_t *offset)
266266
{
267267
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
268268
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
269+
270+
/* check that there is size */
271+
if (tlvsize > size || *offset > size - tlvsize)
272+
return false; /* not enough space */
273+
269274
uint32_t tlvend = *offset + tlvsize;
270275

271276
if (size < tlvend) /* check size */
@@ -469,6 +474,11 @@ bool RsTlvFileSet::GetTlv(void *data, uint32_t size, uint32_t *offset)
469474

470475
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
471476
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
477+
478+
/* check that there is size */
479+
if (tlvsize > size || *offset > size - tlvsize)
480+
return false; /* not enough space */
481+
472482
uint32_t tlvend = *offset + tlvsize;
473483

474484
if (size < tlvend) /* check size */
@@ -641,6 +651,11 @@ bool RsTlvFileData::GetTlv(void *data, uint32_t size, uint32_t *offset)
641651

642652
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
643653
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
654+
655+
/* check that there is size */
656+
if (tlvsize > size || *offset > size - tlvsize)
657+
return false; /* not enough space */
658+
644659
uint32_t tlvend = *offset + tlvsize;
645660

646661
if (size < tlvend) /* check size */

src/serialiser/rstlvidset.cc

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -80,6 +80,11 @@ bool RsTlvServiceIdSet::GetTlv(void *data, uint32_t size, uint32_t *offset)
8080

8181
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
8282
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
83+
84+
/* check that there is size */
85+
if (tlvsize > size || *offset > size - tlvsize)
86+
return false; /* not enough space */
87+
8388
uint32_t tlvend = *offset + tlvsize;
8489

8590
if (size < tlvend) /* check size */

src/serialiser/rstlvimage.cc

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,11 @@ bool RsTlvImage::GetTlv(void *data, uint32_t size, uint32_t *offset)
118118

119119
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
120120
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
121+
122+
/* check that there is size */
123+
if (tlvsize > size || *offset > size - tlvsize)
124+
return false; /* not enough space */
125+
121126
uint32_t tlvend = *offset + tlvsize;
122127

123128
if (size < tlvend) /* check size */

src/serialiser/rstlvitem.cc

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -131,6 +131,11 @@ bool RsTlvUnit::GetTlv(void *data, uint32_t size, uint32_t *offset)
131131

132132
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
133133
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
134+
135+
/* check that there is size */
136+
if (tlvsize > size || *offset > size - tlvsize)
137+
return false; /* not enough space */
138+
134139
uint32_t tlvend = *offset + tlvsize;
135140

136141
if (size < tlvend) /* check size */

src/serialiser/rstlvkeys.cc

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,10 @@ bool RsTlvRSAKey::GetTlv(void *data, uint32_t size, uint32_t *offset)
119119

120120
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
121121
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
122+
/* check that there is size */
123+
if (tlvsize > size || *offset > size - tlvsize)
124+
return false; /* not enough space */
125+
122126
uint32_t tlvend = *offset + tlvsize;
123127

124128
if (size < tlvend) /* check size */

src/serialiser/rstlvkeyvalue.cc

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,11 @@ bool RsTlvKeyValue::GetTlv(void *data, uint32_t size, uint32_t *offset)
7878

7979
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
8080
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
81+
82+
/* check that there is size */
83+
if (tlvsize > size || *offset > size - tlvsize)
84+
return false; /* not enough space */
85+
8186
uint32_t tlvend = *offset + tlvsize;
8287

8388
if (size < tlvend) /* check size */
@@ -217,6 +222,11 @@ bool RsTlvKeyValueSet::GetTlv(void *data, uint32_t size, uint32_t *offset)
217222

218223
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
219224
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
225+
226+
/* check that there is size */
227+
if (tlvsize > size || *offset > size - tlvsize)
228+
return false; /* not enough space */
229+
220230
uint32_t tlvend = *offset + tlvsize;
221231

222232
if (size < tlvend) /* check size */

src/serialiser/rstlvstring.cc

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,9 +97,12 @@ bool RsTlvStringSet::GetTlv(void *data, uint32_t size, uint32_t *offset)
9797

9898
uint16_t tlvtype = GetTlvType( &(((uint8_t *) data)[*offset]) );
9999
uint32_t tlvsize = GetTlvSize( &(((uint8_t *) data)[*offset]) );
100-
uint32_t tlvend = *offset + tlvsize;
101100

101+
/* check that there is size */
102+
if (tlvsize > size || *offset > size - tlvsize)
103+
return false; /* not enough space */
102104

105+
uint32_t tlvend = *offset + tlvsize;
103106

104107
if (size < tlvend) /* check size */
105108
return false; /* not enough space */

0 commit comments

Comments
 (0)