summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoel Fischer <joeljfischer@gmail.com>2019-05-31 09:41:55 -0400
committerJoel Fischer <joeljfischer@gmail.com>2019-05-31 09:41:55 -0400
commit87f6a919f158237dc18c2e11caed23b1eb947805 (patch)
treeb7b637606ea0ee337a18260c3926c68c157b7456
parentea18212f1ebfaf2e1a4f24590769fb421f9b4a2f (diff)
downloadsdl_ios-feature/issue_1285_prevent_buffer_overruns.tar.gz
Fix using uninitialized objects on pre protocol v5 head unitsfeature/issue_1285_prevent_buffer_overruns
Diffstat
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadAudioStartServiceAck.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadEndService.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadNak.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadRPCStartService.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadRPCStartServiceAck.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadRegisterSecondaryTransportNak.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadTransportEventUpdate.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadVideoStartService.m5
-rw-r--r--SmartDeviceLink/SDLControlFramePayloadVideoStartServiceAck.m5
9 files changed, 36 insertions, 9 deletions
diff --git a/SmartDeviceLink/SDLControlFramePayloadAudioStartServiceAck.m b/SmartDeviceLink/SDLControlFramePayloadAudioStartServiceAck.m
index d28524f81..2dd186b1f 100644
--- a/SmartDeviceLink/SDLControlFramePayloadAudioStartServiceAck.m
+++ b/SmartDeviceLink/SDLControlFramePayloadAudioStartServiceAck.m
@@ -66,7 +66,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
self.mtu = bson_object_get_int64(&payloadObject, SDLControlFrameMTUKey);
diff --git a/SmartDeviceLink/SDLControlFramePayloadEndService.m b/SmartDeviceLink/SDLControlFramePayloadEndService.m
index d7e9aef48..cabfb09df 100644
--- a/SmartDeviceLink/SDLControlFramePayloadEndService.m
+++ b/SmartDeviceLink/SDLControlFramePayloadEndService.m
@@ -66,7 +66,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
self.hashId = bson_object_get_int32(&payloadObject, SDLControlFrameHashIdKey);
diff --git a/SmartDeviceLink/SDLControlFramePayloadNak.m b/SmartDeviceLink/SDLControlFramePayloadNak.m
index eefda10e6..55b9a6dad 100644
--- a/SmartDeviceLink/SDLControlFramePayloadNak.m
+++ b/SmartDeviceLink/SDLControlFramePayloadNak.m
@@ -71,7 +71,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
BsonArray *arrayObject = bson_object_get_array(&payloadObject, SDLControlFrameRejectedParams);
if (arrayObject == NULL) {
diff --git a/SmartDeviceLink/SDLControlFramePayloadRPCStartService.m b/SmartDeviceLink/SDLControlFramePayloadRPCStartService.m
index ea4fe6f25..6409884d0 100644
--- a/SmartDeviceLink/SDLControlFramePayloadRPCStartService.m
+++ b/SmartDeviceLink/SDLControlFramePayloadRPCStartService.m
@@ -65,7 +65,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
char *utf8String = bson_object_get_string(&payloadObject, SDLControlFrameProtocolVersionKey);
if (utf8String != NULL) {
diff --git a/SmartDeviceLink/SDLControlFramePayloadRPCStartServiceAck.m b/SmartDeviceLink/SDLControlFramePayloadRPCStartServiceAck.m
index 996f2f172..e6afae672 100644
--- a/SmartDeviceLink/SDLControlFramePayloadRPCStartServiceAck.m
+++ b/SmartDeviceLink/SDLControlFramePayloadRPCStartServiceAck.m
@@ -115,7 +115,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
self.hashId = bson_object_get_int32(&payloadObject, SDLControlFrameHashIdKey);
self.mtu = bson_object_get_int64(&payloadObject, SDLControlFrameMTUKey);
diff --git a/SmartDeviceLink/SDLControlFramePayloadRegisterSecondaryTransportNak.m b/SmartDeviceLink/SDLControlFramePayloadRegisterSecondaryTransportNak.m
index aeca26258..600fd1b61 100644
--- a/SmartDeviceLink/SDLControlFramePayloadRegisterSecondaryTransportNak.m
+++ b/SmartDeviceLink/SDLControlFramePayloadRegisterSecondaryTransportNak.m
@@ -65,7 +65,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
char *reasonString = bson_object_get_string(&payloadObject, SDLControlFrameReasonKey);
if (reasonString != NULL) {
diff --git a/SmartDeviceLink/SDLControlFramePayloadTransportEventUpdate.m b/SmartDeviceLink/SDLControlFramePayloadTransportEventUpdate.m
index ed76a1c7f..24b49ccec 100644
--- a/SmartDeviceLink/SDLControlFramePayloadTransportEventUpdate.m
+++ b/SmartDeviceLink/SDLControlFramePayloadTransportEventUpdate.m
@@ -81,7 +81,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
char *utf8String = bson_object_get_string(&payloadObject, SDLControlFrameTCPIPAddressKey);
if (utf8String != NULL) {
diff --git a/SmartDeviceLink/SDLControlFramePayloadVideoStartService.m b/SmartDeviceLink/SDLControlFramePayloadVideoStartService.m
index 24820cf43..d8dc841be 100644
--- a/SmartDeviceLink/SDLControlFramePayloadVideoStartService.m
+++ b/SmartDeviceLink/SDLControlFramePayloadVideoStartService.m
@@ -88,7 +88,10 @@ NS_ASSUME_NONNULL_BEGIN
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
self.height = bson_object_get_int32(&payloadObject, SDLControlFrameHeightKey);
self.width = bson_object_get_int32(&payloadObject, SDLControlFrameWidthKey);
diff --git a/SmartDeviceLink/SDLControlFramePayloadVideoStartServiceAck.m b/SmartDeviceLink/SDLControlFramePayloadVideoStartServiceAck.m
index 23891ce24..7f071df50 100644
--- a/SmartDeviceLink/SDLControlFramePayloadVideoStartServiceAck.m
+++ b/SmartDeviceLink/SDLControlFramePayloadVideoStartServiceAck.m
@@ -94,7 +94,10 @@
- (void)sdl_parse:(NSData *)data {
BsonObject payloadObject;
- bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ size_t retval = bson_object_from_bytes_len(&payloadObject, (BytePtr)data.bytes, data.length);
+ if (retval <= 0) {
+ return;
+ }
self.mtu = bson_object_get_int64(&payloadObject, SDLControlFrameMTUKey);
self.height = bson_object_get_int32(&payloadObject, SDLControlFrameHeightKey);
View Lorry Controller Status