From 35ac4794301fb5d1f660d6ff0b4e50acd64632d9 Mon Sep 17 00:00:00 2001 From: Michael Zillgith Date: Fri, 27 May 2022 20:42:51 +0200 Subject: [PATCH] - fixed strncpy usage --- src/iec61850/client/client_report.c | 3 +- src/iec61850/client/ied_connection.c | 8 ++++-- src/iec61850/server/impl/ied_server.c | 2 ++ src/iec61850/server/mms_mapping/logging.c | 3 ++ src/iec61850/server/mms_mapping/mms_mapping.c | 6 +++- src/iec61850/server/mms_mapping/mms_sv.c | 2 ++ .../server/model/config_file_parser.c | 3 +- src/iec61850/server/model/dynamic_model.c | 28 +++++++++++-------- src/iec61850/server/model/model.c | 21 ++++++++------ src/mms/iso_mms/common/mms_common_msg.c | 2 +- 10 files changed, 50 insertions(+), 28 deletions(-) diff --git a/src/iec61850/client/client_report.c b/src/iec61850/client/client_report.c index b1441ba5..ec6cd5db 100644 --- a/src/iec61850/client/client_report.c +++ b/src/iec61850/client/client_report.c @@ -3,7 +3,7 @@ * * Client implementation for IEC 61850 reporting. * - * Copyright 2013-2019 Michael Zillgith + * Copyright 2013-2022 Michael Zillgith * * This file is part of libIEC61850. * @@ -388,6 +388,7 @@ iedConnection_handleReport(IedConnection self, MmsValue* value) if ((rptId == NULL) || (rptId && (strlen(rptId) == 0))) { strncpy(defaultRptId, report->rcbReference, 129); + defaultRptId[129] = 0; StringUtils_replace(defaultRptId, '.', '$'); rptId = defaultRptId; } diff --git a/src/iec61850/client/ied_connection.c b/src/iec61850/client/ied_connection.c index 0bb73ebb..ca922313 100644 --- a/src/iec61850/client/ied_connection.c +++ b/src/iec61850/client/ied_connection.c @@ -1,7 +1,7 @@ /* * ied_connection.c * - * Copyright 2013-2019 Michael Zillgith + * Copyright 2013-2022 Michael Zillgith * * This file is part of libIEC61850. * @@ -3964,6 +3964,7 @@ IedConnection_queryLogByTime(IedConnection self, IedClientError* error, const ch char logRef[130]; strncpy(logRef, logReference, 129); + logRef[129] = 0; char* logDomain = logRef; char* logName = strchr(logRef, '/'); @@ -4027,6 +4028,7 @@ IedConnection_queryLogByTimeAsync(IedConnection self, IedClientError* error, con char logRef[130]; strncpy(logRef, logReference, 129); + logRef[129] = 0; char* logDomain = logRef; char* logName = strchr(logRef, '/'); @@ -4083,6 +4085,7 @@ IedConnection_queryLogAfterAsync(IedConnection self, IedClientError* error, cons char logRef[130]; strncpy(logRef, logReference, 129); + logRef[129] = 0; char* logDomain = logRef; char* logName = strchr(logRef, '/'); @@ -4136,6 +4139,7 @@ IedConnection_queryLogAfter(IedConnection self, IedClientError* error, const cha char logRef[130]; strncpy(logRef, logReference, 129); + logRef[129] = 0; char* logDomain = logRef; char* logName = strchr(logRef, '/'); @@ -4166,8 +4170,6 @@ IedConnection_queryLogAfter(IedConnection self, IedClientError* error, const cha } } - - MmsConnection IedConnection_getMmsConnection(IedConnection self) { diff --git a/src/iec61850/server/impl/ied_server.c b/src/iec61850/server/impl/ied_server.c index 6534fb7b..fde9754b 100644 --- a/src/iec61850/server/impl/ied_server.c +++ b/src/iec61850/server/impl/ied_server.c @@ -374,6 +374,7 @@ updateDataSetsWithCachedValues(IedServer self) char domainName[65]; strncpy(domainName, self->model->name, 64); + domainName[64] = 0; strncat(domainName, dataSetEntry->logicalDeviceName, 64 - iedNameLength); MmsDomain* domain = MmsDevice_getDomain(self->mmsDevice, domainName); @@ -1622,6 +1623,7 @@ IedServer_getFunctionalConstrainedData(IedServer self, DataObject* dataObject, F } strncpy(domainName, self->model->name, 64); + domainName[64] = 0; strncat(domainName, ld->name, 64); MmsDomain* domain = MmsDevice_getDomain(self->mmsDevice, domainName); diff --git a/src/iec61850/server/mms_mapping/logging.c b/src/iec61850/server/mms_mapping/logging.c index 9974dffa..9218cfd7 100644 --- a/src/iec61850/server/mms_mapping/logging.c +++ b/src/iec61850/server/mms_mapping/logging.c @@ -321,6 +321,7 @@ getLogInstanceByLogRef(MmsMapping* self, const char* logRef) char* logName; strncpy(refStr, logRef, 129); + refStr[129] = 0; domainName = refStr; @@ -483,6 +484,7 @@ LIBIEC61850_LOG_SVC_writeAccessLogControlBlock(MmsMapping* self, MmsDomain* doma char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); @@ -694,6 +696,7 @@ LIBIEC61850_LOG_SVC_readAccessControlBlock(MmsMapping* self, MmsDomain* domain, char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); diff --git a/src/iec61850/server/mms_mapping/mms_mapping.c b/src/iec61850/server/mms_mapping/mms_mapping.c index ff7a490f..658625b0 100644 --- a/src/iec61850/server/mms_mapping/mms_mapping.c +++ b/src/iec61850/server/mms_mapping/mms_mapping.c @@ -1804,8 +1804,8 @@ createMmsDomainFromIedDevice(MmsMapping* self, LogicalDevice* logicalDevice) } strncpy(domainName, self->model->name, 64); - strncat(domainName, logicalDevice->name, 64 - modelNameLength); domainName[64] = 0; + strncat(domainName, logicalDevice->name, 64 - modelNameLength); domain = MmsDomain_create(domainName); @@ -1919,6 +1919,7 @@ createDataSets(MmsDevice* mmsDevice, IedModel* iedModel) while (dataset != NULL) { strncpy(domainName, iedModel->name, 64); + domainName[64] = 0; strncat(domainName, dataset->logicalDeviceName, 64 - iedModelNameLength); MmsDomain* dataSetDomain = MmsDevice_getDomain(mmsDevice, domainName); @@ -1940,6 +1941,7 @@ createDataSets(MmsDevice* mmsDevice, IedModel* iedModel) MmsAccessSpecifier accessSpecifier; strncpy(domainName, iedModel->name, 64); + domainName[64] = 0; strncat(domainName, dataSetEntry->logicalDeviceName, 64 - iedModelNameLength); accessSpecifier.domain = MmsDevice_getDomain(mmsDevice, domainName); @@ -2289,6 +2291,7 @@ writeAccessGooseControlBlock(MmsMapping* self, MmsDomain* domain, char* variable char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); @@ -2967,6 +2970,7 @@ readAccessGooseControlBlock(MmsMapping* self, MmsDomain* domain, char* variableI char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); diff --git a/src/iec61850/server/mms_mapping/mms_sv.c b/src/iec61850/server/mms_mapping/mms_sv.c index 7b1423d2..e4aff07d 100644 --- a/src/iec61850/server/mms_mapping/mms_sv.c +++ b/src/iec61850/server/mms_mapping/mms_sv.c @@ -133,6 +133,7 @@ LIBIEC61850_SV_writeAccessSVControlBlock(MmsMapping* self, MmsDomain* domain, ch char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); @@ -216,6 +217,7 @@ LIBIEC61850_SV_readAccessSampledValueControlBlock(MmsMapping* self, MmsDomain* d char variableId[130]; strncpy(variableId, variableIdOrig, 129); + variableId[129] = 0; char* separator = strchr(variableId, '$'); diff --git a/src/iec61850/server/model/config_file_parser.c b/src/iec61850/server/model/config_file_parser.c index ee9d2aec..b6afa3bd 100644 --- a/src/iec61850/server/model/config_file_parser.c +++ b/src/iec61850/server/model/config_file_parser.c @@ -32,7 +32,6 @@ static uint8_t lineBuffer[READ_BUFFER_MAX_SIZE]; - static int readLine(FileHandle fileHandle, uint8_t* buffer, int maxSize) { @@ -79,7 +78,6 @@ readLine(FileHandle fileHandle, uint8_t* buffer, int maxSize) } } - return bytesRead; } @@ -473,6 +471,7 @@ ConfigFileParser_createModelFromConfigFile(FileHandle fileHandle) if (start) { start++; strncpy(nameString, start, 129); + nameString[129] = 0; terminateString(nameString, ')'); int indexVal = -1; diff --git a/src/iec61850/server/model/dynamic_model.c b/src/iec61850/server/model/dynamic_model.c index 0e4e13d3..44483f72 100644 --- a/src/iec61850/server/model/dynamic_model.c +++ b/src/iec61850/server/model/dynamic_model.c @@ -41,28 +41,31 @@ IedModel_setIedNameForDynamicModel(IedModel* self, const char* name) } IedModel* -IedModel_create(const char* name/*, MemoryAllocator allocator*/) +IedModel_create(const char* name) { IedModel* self = (IedModel*) GLOBAL_CALLOC(1, sizeof(IedModel)); - if (name) - self->name = StringUtils_copyString(name); - else - self->name = NULL; + if (self) + { + if (name) + self->name = StringUtils_copyString(name); + else + self->name = NULL; - self->rcbs = NULL; + self->rcbs = NULL; - self->dataSets = NULL; + self->dataSets = NULL; - self->gseCBs = NULL; + self->gseCBs = NULL; - self->sgcbs = NULL; + self->sgcbs = NULL; - self->lcbs = NULL; + self->lcbs = NULL; - self->logs = NULL; + self->logs = NULL; - self->initializer = iedModel_emptyVariableInitializer; + self->initializer = iedModel_emptyVariableInitializer; + } return self; } @@ -726,6 +729,7 @@ DataSetEntry_create(DataSet* dataSet, const char* variable, int index, const cha char variableName[130]; strncpy(variableName, variable, 129); + variableName[129] = 0; char* separator = strchr(variableName, '/'); diff --git a/src/iec61850/server/model/model.c b/src/iec61850/server/model/model.c index 3da07561..4d8444b0 100644 --- a/src/iec61850/server/model/model.c +++ b/src/iec61850/server/model/model.c @@ -73,8 +73,6 @@ IedModel_setAttributeValuesToNull(IedModel* iedModel) } } - - int IedModel_getLogicalDeviceCount(IedModel* self) { @@ -109,6 +107,9 @@ IedModel_lookupDataSet(IedModel* self, const char* dataSetReference /* e.g. ied int modelNameLen = strlen(self->name); + if (modelNameLen > 64) + return NULL; + memcpy(domainName, self->name, modelNameLen); while (dataSet != NULL) { @@ -134,11 +135,12 @@ IedModel_getDevice(IedModel* self, const char* deviceName) { LogicalDevice* device = self->firstChild; - while (device != NULL) { - + while (device) + { char domainName[65]; strncpy(domainName, self->name, 64); + domainName[64] = 0; strncat(domainName, device->name, 64); if (strcmp(domainName, deviceName) == 0) @@ -155,8 +157,8 @@ IedModel_getDeviceByInst(IedModel* self, const char* ldInst) { LogicalDevice* device = self->firstChild; - while (device != NULL) { - + while (device) + { if (strcmp(device->name, ldInst) == 0) return device; @@ -355,8 +357,9 @@ IedModel_getModelNodeByShortObjectReference(IedModel* model, const char* objectR *separator = 0; char ldName[65]; - strcpy(ldName, model->name); - strcat(ldName, objRef); + strncpy(ldName, model->name, 64); + ldName[64] = 0; + strncat(ldName, objRef, 64); LogicalDevice* ld = IedModel_getDevice(model, ldName); @@ -536,11 +539,13 @@ createObjectReference(ModelNode* node, char* objectReference, bool withoutIedNam if (withoutIedName) { nameLength = strlen(lDevice->name); strncpy(objectReference, lDevice->name, 64); + objectReference[64] = 0; } else { nameLength = strlen (iedModel->name) + strlen(lDevice->name); strncpy(objectReference, iedModel->name, 64); + objectReference[64] = 0; strncat(objectReference, lDevice->name, 64); } diff --git a/src/mms/iso_mms/common/mms_common_msg.c b/src/mms/iso_mms/common/mms_common_msg.c index fb7d7548..f92b22b8 100644 --- a/src/mms/iso_mms/common/mms_common_msg.c +++ b/src/mms/iso_mms/common/mms_common_msg.c @@ -567,7 +567,7 @@ mmsMsg_createExtendedFilename(const char* basepath, char* extendedFileName, char strncpy(extendedFileName, basepath, 511); extendedFileName[511] = 0; strncat(extendedFileName, fileName, 511); - extendedFileName[511] = 0; + #else strcpy(extendedFileName, CONFIG_VIRTUAL_FILESTORE_BASEPATH); strncat(extendedFileName, fileName, sizeof(CONFIG_VIRTUAL_FILESTORE_BASEPATH) + 255);