len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-28 08:16:15 -04:00
Code Issues Projects Releases Packages Wiki Activity

Return error if invalid input detected in transport layer (Send/Recv) (#773)

Browse source 
* return error if invalid input detected in transport layer
This commit is contained in:
ActoryOu 2022-01-11 11:08:43 +08:00 committed by GitHub
parent 4382969a10
commit 9b27a5de4e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 310 additions and 171 deletions
Download patch file Download diff file Expand all files Collapse all files

126
FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/using_mbedtls.c
View file

@ -773,35 +773,52 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogDebug( ( "Failed to read data. However, a read can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( tlsStatus < 0 )
else if( pBuffer == NULL )
{
LogError( ( "Failed to read data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
}
else
{
/* Empty else marker. */
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to read data. However, a read can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry read
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to read data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
}
return tlsStatus;
@ -815,35 +832,52 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogDebug( ( "Failed to send data. However, send can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( tlsStatus < 0 )
else if( pBuffer == NULL )
{
LogError( ( "Failed to send data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
}
else
{
/* Empty else marker. */
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );
if( ( tlsStatus == MBEDTLS_ERR_SSL_TIMEOUT ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_READ ) ||
( tlsStatus == MBEDTLS_ERR_SSL_WANT_WRITE ) )
{
LogDebug( ( "Failed to send data. However, send can be retried on this error. "
"mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
/* Mark these set of errors as a timeout. The libraries may retry send
* on these errors. */
tlsStatus = 0;
}
else if( tlsStatus < 0 )
{
LogError( ( "Failed to send data: mbedTLSError= %s : %s.",
mbedtlsHighLevelCodeOrDefault( tlsStatus ),
mbedtlsLowLevelCodeOrDefault( tlsStatus ) ) );
}
else
{
/* Empty else marker. */
}
}
return tlsStatus;