- check for minimum packet length (44 bytes, which includes the fields we
read next)
- pass the correct remaining buffer length to dhcpc_parseoptions()
- dhcpc_parseoptions(): ensure we never read past the end of the buffer
Gregory Nutt has submitted the SGA
Max Holtzberg has submitted the SGA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
It matches the original iperf behavior.
Note: -t is a client-only option for the original iperf 2.xx.
Note: You can still choose the previous behavior by
explictly specifying -t.
Gregory Nutt is has submitted the SGA
Sebastien Lorquet has submitted the ICLA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Gregory Nutt is has submitted the SGA
Max Holtzberg has submitted the SGA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Gregory Nutt is has submitted the SGA
Mateusz Szafoni has submitted the ICLA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Gregory Nutt is has submitted the SGA
Sebastien Lorquet has submitted the ICLA
as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Gregory Nutt is the copyright holder for those files and he has submitted the
SGA as a result we can migrate the licenses to Apache.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Similarly to the fix in wget_parseheaders.
But simply always bail out as i guess it's very rare to see
that long status line.
Tested with an aritifically small CONFIG_WEBCLIENT_MAXHTTPLINE=20,
which is smaller than "HTTP/1.1 301 Moved Permanently".
* Detect a long header line which doesn't fit the buffer.
* If the header line in question doesn't seem important for us,
just ignore it.
* Otherwise, bail out with -E2BIG.
The overrun was found by LLVM UBSan on macOS.
The following is an example of a long header line,
which doesn't fit the default CONFIG_WEBCLIENT_MAXHTTPLINE=200.
```
pacetanuki% curl -v https://www.midokura.com
:
:
< HTTP/2 200
< server: nginx
< date: Fri, 14 May 2021 02:16:24 GMT
< content-type: text/html; charset=UTF-8
< content-length: 131313
< x-powered-by: PHP/7.4.18
< link: <https://www.midokura.com/wp-json/>; rel="https://api.w.org/", <https://www.midokura.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://www.midokura.com/>; rel=shortlink
< x-powered-by: PleskLin
<
```
For EINVAL, it doesn't make sense to keep parsing.
(For E2BIG, it might make some sense.)
Found by LLVM ASan.
```
=================================================================
==81622==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000000f2 at pc 0x00010d2746ca bp 0x7ffee29a9980 sp 0x7ffee29a9978
READ of size 1 at 0x6020000000f2 thread T0
#0 0x10d2746c9 in netlib_parseurl netlib_parseurl.c:121
#1 0x10d26b293 in parseurl webclient.c:479
#2 0x10d265e48 in webclient_perform webclient.c:690
#3 0x10d277c5b in main main.c:210
#4 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4)
0x6020000000f2 is located 0 bytes to the right of 2-byte region [0x6020000000f0,0x6020000000f2)
allocated by thread T0 here:
#0 0x10d3996d3 in wrap_strdup+0x203 (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x3e6d3)
#1 0x10d276abe in main main.c:147
#2 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4)
SUMMARY: AddressSanitizer: heap-buffer-overflow netlib_parseurl.c:121 in netlib_parseurl
Shadow bytes around the buggy address:
0x1c03ffffffc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03ffffffd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03ffffffe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c03fffffff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x1c0400000000: fa fa fd fd fa fa fd fd fa fa 00 00 fa fa 00 00
=>0x1c0400000010: fa fa 00 fa fa fa 00 00 fa fa 00 06 fa fa[02]fa
0x1c0400000020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c0400000060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==81622==ABORTING
```
The following errors are false positives.
https://github.com/apache/incubator-nuttx/issues/387
```
/Users/yamamoto/git/nuttx/apps/netutils/netlib/netlib_parseurl.c:57:13: error: C++ style comment
/Users/yamamoto/git/nuttx/apps/netutils/netlib/netlib_parseurl.c:59:35: error: C++ style comment
```
Summary:
- This commit fixes the renew command with the usrsock
Impact:
- None
Testing:
- Tested with spresense:wifi and esp32-devkitc:wapi
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
It's used in the code but missing in Kconfig.
I guess the PR [1] forgot to add this.
Make it "y" by default because it seems like the original behavior
before the PR [1]. I have no strong opinions on the default
either ways.
[1] https://github.com/apache/incubator-nuttx-apps/pull/570
from:
return - ECONNABORTED;
to:
return -ECONNABORTED;
The latter style is more commonly used within NuttX code base.
Note: nxstyle doesn't complain on either of them.
The current calculation easily overflows if the local time is
around the unix epoch. I guess it isn't too unusual for
devices without RTC. Or, the battery is dead. Or, whatever.
This commit avoids the overflow by simply dividing everything by 2.
While more sophisticated and precise solutions are possible,
I feel that they are overkill for this simple implementation.
For example,
The unix epoch (1970) is 0x83aa7e8000000000 in
64-bit NTP timestamp. (1900-origin)
The timestamp now, as of writing this, is 0xe3cda16b00000000.
With the code before this commit, the offset will be:
(lldb) p (long long)((0xe3cda16b00000000 - 0x83aa7e8000000000) + (0xe3cda16b00000000 - 0x83aa7e8000000000)) / 2
(long long) $16 = -2295952992316162048
(lldb)
with the new code, it would be:
(lldb) p (long long)((0xe3cda16b00000000 / 2 - 0x83aa7e8000000000 / 2) + (0xe3cda16b00000 / 2 - 0x83aa7e8000000000 / 2))
(long long) $17 = 6927419044538613760
(lldb)
It's the correct offset from the unix epoch:
(lldb) p 6927419044538613760 >> 32
(long) $0 = 1612915435
(lldb)
spacetanuki% date -r 1612915435
Wed Feb 10 09:03:55 JST 2021
spacetanuki%
Summary:
- I noticed that lc823450-xgevk:rndis does not work with iperf
- Finally, I found that it does not call pthread_join()
- This commit fixes this issue
Impact:
- No impact
Testing:
- Tested with lc823450-xgevk:rndis
- NOTE: need to add iperf in the defconfig
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
The buffer doesn't have the space for the terminating NUL.
Fix it by replacing it with fwrite, as there seems to be little reason
to use fprintf and NUL-terminated string in the first place.
Allow multiple NTP servers, also with runtime configurable list
Add validation of received NTP packets
NTPv4 support with 'Kiss o' Death' message handling
IPv6 support
Collect multiple NTP samples and filter outsiders
Check if system clock has been altered during NTP (if CONFIG_CLOCK_MONOTONIC)
Signed-off-by: Juha Niskanen <juha.niskanen@haltian.com>
This happened frequently for me with Docker Desktop's
/var/run/docker.sock on macOS.
But I believe it can happen on other environments, even with TCP.
Alternatively, this case can be handled by the callback
implementations. But it's simpler to handle the corner case here.
Summary:
- This commit fixes compile warnings with Arm GCC 9.3.1
Impact:
- None
Testing:
- Tested with lm3s6965-ek:discover
- NOTE: need to add the following configs
+CONFIG_EXAMPLES_IPERF=y
+CONFIG_EXAMPLES_IPERFTEST_DEVNAME="eth0"
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
* It doesn't make much sense to have the default values for
these highly environment-dependent settings.
* netutils/netinit/netinit_associate.c calls wpa_driver_wext_associate
if the SSID is not empty. Depending on the environment, it can take
long to fail. It slows down the boot of some configurations
considerably. eg. esp32-devkitc:wapi
wget is missing from some system (like macOS and Windows native),
it's better to use curl to simplify build environment.
Signed-off-by: Huang Qi <huangqi3@xiaomi.com>
The following nxstyle error is intentionally left.
It's a nested function. I guess nxstyle doesn't support it.
netutils/chat/chat.c:110:8: error: Bad comment alignment
The following nxstyle errors are intentionally left.
The first one is in the copyright notice.
The others are identifiers like ClientData etc.
netutils/thttpd/thttpd.c:10:81: error: Long line found
netutils/thttpd/thttpd.c:99:2: error: Mixed case identifier found
netutils/thttpd/thttpd.c💯2: error: Mixed case identifier found
netutils/thttpd/thttpd.c:131:17: error: Mixed case identifier found
netutils/thttpd/thttpd.c:131:57: error: Mixed case identifier found
netutils/thttpd/thttpd.c:132:36: error: Mixed case identifier found
netutils/thttpd/thttpd.c:133:52: error: Mixed case identifier found
netutils/thttpd/thttpd.c:134:23: error: Mixed case identifier found
netutils/thttpd/thttpd.c:134:63: error: Mixed case identifier found
netutils/thttpd/thttpd.c:527:2: error: Mixed case identifier found
netutils/thttpd/thttpd.c:597:17: error: Mixed case identifier found
netutils/thttpd/thttpd.c:597:57: error: Mixed case identifier found
netutils/thttpd/thttpd.c:608:14: error: Mixed case identifier found
netutils/thttpd/thttpd.c:615:38: error: Mixed case identifier found
netutils/thttpd/thttpd.c:620:14: error: Mixed case identifier found
netutils/thttpd/thttpd.c:625:37: error: Mixed case identifier found
netutils/thttpd/thttpd.c:632:36: error: Mixed case identifier found
netutils/thttpd/thttpd.c:633:52: error: Mixed case identifier found
netutils/thttpd/thttpd.c:643:23: error: Mixed case identifier found
netutils/thttpd/thttpd.c:643:63: error: Mixed case identifier found
netutils/thttpd/thttpd.c:730:35: error: Mixed case identifier found
netutils/thttpd/thttpd.c:739:29: error: Mixed case identifier found
This fixes the case when webclient_set_static_body is used
for data larger than webclient_context::buflen.
Note: as of writing this, webclient_set_static_body is the
only user of body_callback in NuttX apps tree.
Uses logic from apps/fsutils/ipcfg to obtain the IP address configuration from a file, if available. This only effects the behavior of netinit if CONFIG_FSUTILS_IPCFG is selected and if an IP configuration file is available on a file system. Otherwise, it reverts to the preceding behavior.
Also adds definitions to apps/include/fsutils/ipcfg.h to formalize a bit encoding of the prototype which was already in use, but not documented.
Also fixes some bad assertions (duplication of PR #420) and makes use of variable names consistent in ipcfg.h comments and in ipcfg_text implementation.
Highlights:
* TLS support (a hook to allow users to provide TLS implementation)
* ability to add extra request headers
* ability to use PUT method
* ability to report http status
* error handling improvements
Proposed on the ML while ago:
https://www.mail-archive.com/dev@nuttx.apache.org/msg03803.html
The original API is kept for now.
I plan to remove them after adapting the existing users.
(examples in this repo)
Summary:
- dhcpc now uses gethostname() but the hostname might be empty
- This commit fixes this issue
Impact:
- All use cases which use dhcpc
Testing:
- Tested with spresense:wifi
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
Adapt to the change in the main repo.
mallinfo is meant to be API compatible with Linux,
where it's provided by malloc.h.
(I think the API actually originated with System V. I don't
remember how it was there though. Anyway, I guess the
compatibility with Linux is more important than System V
these days.)
When recv() failed, the current code assumes the return value
of recv() is a negative errno. It's wrong. Actually the return value
in case of error is -1. The wrong assumption ends up with reporting
EPERM, as EPERM happens to be -(-1).
This commit changes the code to leave the errno set by the failed
recv() as it is. It should be fine as wget_base() has the same
error returning convention as recv(). That is, return -1 (ERROR)
and set errno in the case of failure.
NOTE: the close() after the errout label can also fail and overwrite
the errno. I don't feel it's a big problem as wget_base() doesn't have
any promise about which error should be reported.
http -> https redirection is rather common. The old code was
just broken in that case.
Also, this commit is a step towards https support.
* Switch to netlib_parseurl
* Fix error propagation in wget_parseheaders
* Bail out on a redirect to a URL with unsupported scheme