summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Muck <christian.muck@bmw.de>2012-03-21 09:49:13 +0100
committerChristian Muck <christian.muck@bmw.de>2012-03-21 09:49:13 +0100
commit3c10728ba6ebace39a88cf049a2e719c80e0ca41 (patch)
tree1dee4776172db3f3ef618a03d3bcf2365c08b6fb
parent5b6522ad518a6e565f3505b9b3f6ef7580754968 (diff)
downloadDLT-daemon-3c10728ba6ebace39a88cf049a2e719c80e0ca41.tar.gz
Fixed bug with comparinson between signed and unsigned integer and protection for a buffer overflow.
Signed-off-by: Christian Muck <christian.muck@bmw.de>
-rwxr-xr-xsrc/daemon/dlt-daemon.c16
-rwxr-xr-xsrc/daemon/dlt_daemon_common.c10
-rwxr-xr-xsrc/lib/dlt_user.c26
-rwxr-xr-xsrc/shared/dlt_common.c17
-rw-r--r--src/shared/dlt_offline_trace.c2
-rwxr-xr-xsrc/shared/dlt_user_shared.c4
6 files changed, 41 insertions, 34 deletions
diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c
index 4308171..c691162 100755
--- a/src/daemon/dlt-daemon.c
+++ b/src/daemon/dlt-daemon.c
@@ -1184,7 +1184,7 @@ int dlt_daemon_process_user_messages(DltDaemon *daemon, DltDaemonLocal *daemon_l
/* look through buffer as long as data is in there */
do
{
- if (daemon_local->receiver.bytesRcvd < sizeof(DltUserHeader))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)sizeof(DltUserHeader))
{
break;
}
@@ -1204,7 +1204,7 @@ int dlt_daemon_process_user_messages(DltDaemon *daemon, DltDaemonLocal *daemon_l
offset++;
}
- while ((sizeof(DltUserHeader)+offset)<=daemon_local->receiver.bytesRcvd);
+ while ((int32_t)(sizeof(DltUserHeader)+offset)<=daemon_local->receiver.bytesRcvd);
/* Check for user header pattern */
if (dlt_user_check_userheader(userheader)==0)
@@ -1391,7 +1391,7 @@ int dlt_daemon_process_user_message_register_application(DltDaemon *daemon, DltD
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgRegisterApplication)))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgRegisterApplication)))
{
/* Not enough bytes received */
return -1;
@@ -1451,7 +1451,7 @@ int dlt_daemon_process_user_message_register_context(DltDaemon *daemon, DltDaemo
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgRegisterContext)))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgRegisterContext)))
{
/* Not enough bytes received */
return -1;
@@ -1623,7 +1623,7 @@ int dlt_daemon_process_user_message_unregister_application(DltDaemon *daemon, Dl
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterApplication)))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterApplication)))
{
/* Not enough bytes received */
return -1;
@@ -1691,7 +1691,7 @@ int dlt_daemon_process_user_message_unregister_context(DltDaemon *daemon, DltDae
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterContext)))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterContext)))
{
/* Not enough bytes received */
return -1;
@@ -2098,7 +2098,7 @@ int dlt_daemon_process_user_message_set_app_ll_ts(DltDaemon *daemon, DltDaemonLo
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgAppLogLevelTraceStatus )))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgAppLogLevelTraceStatus )))
{
/* Not enough bytes receeived */
return -1;
@@ -2164,7 +2164,7 @@ int dlt_daemon_process_user_message_log_mode(DltDaemon *daemon, DltDaemonLocal *
return -1;
}
- if (daemon_local->receiver.bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterContext)))
+ if (daemon_local->receiver.bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgUnregisterContext)))
{
/* Not enough bytes received */
return -1;
diff --git a/src/daemon/dlt_daemon_common.c b/src/daemon/dlt_daemon_common.c
index 1de6aea..1c6b192 100755
--- a/src/daemon/dlt_daemon_common.c
+++ b/src/daemon/dlt_daemon_common.c
@@ -225,7 +225,7 @@ int dlt_daemon_free(DltDaemon *daemon,int verbose)
int dlt_daemon_applications_clear(DltDaemon *daemon,int verbose)
{
- uint32_t i;
+ int i;
PRINT_FUNCTION_VERBOSE(verbose);
@@ -477,7 +477,7 @@ int dlt_daemon_applications_load(DltDaemon *daemon,const char *filename, int ver
int dlt_daemon_applications_save(DltDaemon *daemon,const char *filename, int verbose)
{
FILE *fd;
- uint32_t i;
+ int i;
char apid[DLT_ID_SIZE+1]; /* DLT_ID_SIZE+1, because the 0-termination is required here */
@@ -800,7 +800,7 @@ int dlt_daemon_contexts_load(DltDaemon *daemon,const char *filename, int verbose
int dlt_daemon_contexts_save(DltDaemon *daemon,const char *filename, int verbose)
{
FILE *fd;
- uint32_t i;
+ int i;
char apid[DLT_ID_SIZE+1], ctid[DLT_ID_SIZE+1]; /* DLT_ID_SIZE+1, because the 0-termination is required here */
@@ -1028,7 +1028,7 @@ int dlt_daemon_control_process_control(int sock, DltDaemon *daemon, DltMessage *
return -1;
}
- if (msg->datasize<sizeof(uint32_t))
+ if (msg->datasize < (int32_t)sizeof(uint32_t))
{
return -1;
}
@@ -1402,7 +1402,7 @@ void dlt_daemon_control_set_default_log_level(int sock, DltDaemon *daemon, DltMe
req = (DltServiceSetDefaultLogLevel*) (msg->databuffer);
/* No endianess conversion necessary */
- if ((req->log_level>=0) &&
+ if (/*(req->log_level>=0) &&*/
(req->log_level<=DLT_LOG_VERBOSE))
{
daemon->default_log_level = req->log_level; /* No endianess conversion necessary */
diff --git a/src/lib/dlt_user.c b/src/lib/dlt_user.c
index 5de8561..dc65cab 100755
--- a/src/lib/dlt_user.c
+++ b/src/lib/dlt_user.c
@@ -377,7 +377,7 @@ int dlt_user_atexit_blow_out_user_buffer(void){
int dlt_free(void)
{
- int i;
+ uint32_t i;
char filename[DLT_USER_MAX_FILENAME_LENGTH];
if (dlt_user_initialised==0)
@@ -525,7 +525,7 @@ int dlt_register_context(DltContext *handle, const char *contextid, const char *
int dlt_register_context_ll_ts(DltContext *handle, const char *contextid, const char * description, int loglevel, int tracestatus)
{
DltContextData log;
- int i;
+ uint32_t i;
int registered,ret;
char ctid[DLT_ID_SIZE+1];
@@ -811,7 +811,7 @@ int dlt_unregister_context(DltContext *handle)
int dlt_set_application_ll_ts_limit(DltLogLevelType loglevel, DltTraceStatusType tracestatus)
{
- int i;
+ uint32_t i;
int ret;
if (dlt_user_initialised==0)
@@ -1619,7 +1619,7 @@ int dlt_register_injection_callback(DltContext *handle, uint32_t service_id,
int (*dlt_injection_callback)(uint32_t service_id, void *data, uint32_t length))
{
DltContextData log;
- int i,j,k;
+ uint32_t i,j,k;
int found = 0;
DltUserInjectionCallback *old;
@@ -2600,7 +2600,7 @@ int dlt_user_log_check_user_message(void)
int offset=0;
int leave_while=0;
- int i;
+ uint32_t i;
DltUserHeader *userheader;
DltReceiver *receiver = &(dlt_user.receiver);
@@ -2624,7 +2624,7 @@ int dlt_user_log_check_user_message(void)
/* look through buffer as long as data is in there */
while (1)
{
- if (receiver->bytesRcvd < sizeof(DltUserHeader))
+ if (receiver->bytesRcvd < (int32_t)sizeof(DltUserHeader))
{
break;
}
@@ -2643,7 +2643,7 @@ int dlt_user_log_check_user_message(void)
offset++;
}
- while ((sizeof(DltUserHeader)+offset)<=receiver->bytesRcvd);
+ while ((int32_t)(sizeof(DltUserHeader)+offset)<=receiver->bytesRcvd);
/* Check for user header pattern */
if (dlt_user_check_userheader(userheader)==0)
@@ -2662,7 +2662,7 @@ int dlt_user_log_check_user_message(void)
{
case DLT_USER_MESSAGE_LOG_LEVEL:
{
- if (receiver->bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgLogLevel)))
+ if (receiver->bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgLogLevel)))
{
leave_while=1;
break;
@@ -2675,7 +2675,7 @@ int dlt_user_log_check_user_message(void)
{
DLT_SEM_LOCK();
- if ((usercontextll->log_level_pos>=0) && (usercontextll->log_level_pos<dlt_user.dlt_ll_ts_num_entries))
+ if ((usercontextll->log_level_pos >= 0) && (usercontextll->log_level_pos < (int32_t)dlt_user.dlt_ll_ts_num_entries))
{
// printf("Store ll, ts\n");
if (dlt_user.dlt_ll_ts)
@@ -2698,7 +2698,7 @@ int dlt_user_log_check_user_message(void)
case DLT_USER_MESSAGE_INJECTION:
{
/* At least, user header, user context, and service id and data_length of injected message is available */
- if (receiver->bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgInjection)))
+ if (receiver->bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgInjection)))
{
leave_while = 1;
break;
@@ -2711,7 +2711,7 @@ int dlt_user_log_check_user_message(void)
if (userbuffer!=0)
{
- if (receiver->bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgInjection)+usercontextinj->data_length_inject))
+ if (receiver->bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgInjection)+usercontextinj->data_length_inject))
{
leave_while = 1;
break;
@@ -2767,7 +2767,7 @@ int dlt_user_log_check_user_message(void)
case DLT_USER_MESSAGE_LOG_STATE:
{
/* At least, user header, user context, and service id and data_length of injected message is available */
- if (receiver->bytesRcvd < (sizeof(DltUserHeader)+sizeof(DltUserControlMsgLogState)))
+ if (receiver->bytesRcvd < (int32_t)(sizeof(DltUserHeader)+sizeof(DltUserControlMsgLogState)))
{
leave_while = 1;
break;
@@ -2875,7 +2875,7 @@ int dlt_user_log_resend_buffer(void)
void dlt_user_log_reattach_to_daemon(void)
{
- int num,reregistered=0;
+ uint32_t num,reregistered=0;
DltContext handle;
DltContextData log_new;
diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c
index 033ea1f..2f517bc 100755
--- a/src/shared/dlt_common.c
+++ b/src/shared/dlt_common.c
@@ -2203,6 +2203,13 @@ int dlt_receiver_remove(DltReceiver *receiver,int size)
return -1;
}
+ if (size>receiver->bytesRcvd)
+ {
+ receiver->buf = receiver->buf + receiver->bytesRcvd;
+ receiver->bytesRcvd=0;
+ return -1;
+ }
+
receiver->bytesRcvd = receiver->bytesRcvd - size;
receiver->buf = receiver->buf + size;
@@ -2400,7 +2407,7 @@ int dlt_buffer_free_dynamic(DltBuffer *buf)
void dlt_buffer_write_block(DltBuffer *buf,int *write, const unsigned char *data,unsigned int size)
{
- if((*write+size) <= buf->size) {
+ if((int)(*write+size) <= buf->size) {
// write one block
memcpy(buf->mem+*write,data,size);
*write += size;
@@ -2415,7 +2422,7 @@ void dlt_buffer_write_block(DltBuffer *buf,int *write, const unsigned char *data
void dlt_buffer_read_block(DltBuffer *buf,int *read,unsigned char *data,unsigned int size)
{
- if((*read+size) <= buf->size) {
+ if((int)(*read+size) <= buf->size) {
// read one block
memcpy(data,buf->mem+*read,size);
*read += size;
@@ -2577,7 +2584,7 @@ int dlt_buffer_push3(DltBuffer *buf,const unsigned char *data1,unsigned int size
free_size = buf->size - write + read;
// check size
- if(free_size < (sizeof(DltBufferBlockHead)+size1+size2+size3)) {
+ if(free_size < (int)(sizeof(DltBufferBlockHead)+size1+size2+size3)) {
// try to increase size if possible
if(dlt_buffer_increase_size(buf)) {
/* increase size is not possible */
@@ -2651,7 +2658,7 @@ int dlt_buffer_get(DltBuffer *buf,unsigned char *data, int max_size,int delete)
used_size = buf->size - read + write;
// first check size
- if(used_size < (sizeof(DltBufferBlockHead))) {
+ if(used_size < (int)(sizeof(DltBufferBlockHead))) {
dlt_log(LOG_ERR,"Buffer: Size check 1 failed\n");
dlt_buffer_reset(buf);
return -1; // ERROR
@@ -2675,7 +2682,7 @@ int dlt_buffer_get(DltBuffer *buf,unsigned char *data, int max_size,int delete)
}
// second check size
- if(used_size < (sizeof(DltBufferBlockHead)+head.size)) {
+ if(used_size < (int)(sizeof(DltBufferBlockHead)+head.size)) {
dlt_log(LOG_ERR,"Buffer: Size check 2 failed\n");
dlt_buffer_reset(buf);
return -1; // ERROR
diff --git a/src/shared/dlt_offline_trace.c b/src/shared/dlt_offline_trace.c
index 5f7f5b5..5d4c76a 100644
--- a/src/shared/dlt_offline_trace.c
+++ b/src/shared/dlt_offline_trace.c
@@ -169,7 +169,7 @@ int dlt_offline_trace_delete_oldest_file(DltOfflineTrace *trace) {
int dlt_offline_trace_check_size(DltOfflineTrace *trace) {
/* check size of complete offline trace */
- while(dlt_offline_trace_get_total_size(trace) > (trace->maxSize-trace->fileSize))
+ while((int)dlt_offline_trace_get_total_size(trace) > (trace->maxSize-trace->fileSize))
{
/* remove oldest files as long as new file will not fit in completely into complete offline trace */
if(dlt_offline_trace_delete_oldest_file(trace)<0) {
diff --git a/src/shared/dlt_user_shared.c b/src/shared/dlt_user_shared.c
index 5afc828..e743dfc 100755
--- a/src/shared/dlt_user_shared.c
+++ b/src/shared/dlt_user_shared.c
@@ -125,7 +125,7 @@ int dlt_user_check_userheader(DltUserHeader *userheader)
DltReturnValue dlt_user_log_out2(int handle, void *ptr1, size_t len1, void* ptr2, size_t len2)
{
struct iovec iov[2];
- int bytes_written;
+ uint32_t bytes_written;
if (handle<=0)
{
@@ -151,7 +151,7 @@ DltReturnValue dlt_user_log_out2(int handle, void *ptr1, size_t len1, void* ptr2
DltReturnValue dlt_user_log_out3(int handle, void *ptr1, size_t len1, void* ptr2, size_t len2, void *ptr3, size_t len3)
{
struct iovec iov[3];
- int bytes_written;
+ uint32_t bytes_written;
if (handle<=0)
{