len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-29 08:46:20 -04:00
Code Issues Projects Releases Packages Wiki Activity

Return error if invalid input detected in transport layer (Send/Recv) (#773)

Browse source 
* return error if invalid input detected in transport layer
This commit is contained in:
ActoryOu 2022-01-11 11:08:43 +08:00 committed by GitHub
parent 4382969a10
commit 9b27a5de4e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 310 additions and 171 deletions
Download patch file Download diff file Expand all files Collapse all files

42
FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/using_mbedtls.c
View file

@ -773,9 +773,25 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
}
else
{
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ), tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer, pBuffer,
bytesToRecv ); bytesToRecv );
@ -803,6 +819,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
{ {
/* Empty else marker. */ /* Empty else marker. */
} }
}
return tlsStatus; return tlsStatus;
} }
@ -815,9 +832,25 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
}
else
{
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ), tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer, pBuffer,
bytesToSend ); bytesToSend );
@ -845,6 +878,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
{ {
/* Empty else marker. */ /* Empty else marker. */
} }
}
return tlsStatus; return tlsStatus;
} }

55
FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls_pkcs11/using_mbedtls_pkcs11.c
View file

@ -208,7 +208,7 @@ static int32_t privateKeySigningCallback( void * pvContext,
size_t xHashLen, size_t xHashLen,
unsigned char * pucSig, unsigned char * pucSig,
size_t * pxSigLen, size_t * pxSigLen,
int32_t ( * piRng )( void *, int32_t ( *piRng )( void *,
unsigned char *, unsigned char *,
size_t ), size_t ),
void * pvRng ); void * pvRng );
@ -703,19 +703,19 @@ static CK_RV initializeClientKeys( SSLContext_t * pxCtx,
pxCtx->privKeyInfo.get_bitlen = NULL; pxCtx->privKeyInfo.get_bitlen = NULL;
pxCtx->privKeyInfo.can_do = canDoStub; pxCtx->privKeyInfo.can_do = canDoStub;
pxCtx->privKeyInfo.verify_func = NULL; pxCtx->privKeyInfo.verify_func = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined( MBEDTLS_ECDSA_C ) && defined( MBEDTLS_ECP_RESTARTABLE )
pxCtx->privKeyInfo.verify_rs_func = NULL; pxCtx->privKeyInfo.verify_rs_func = NULL;
pxCtx->privKeyInfo.sign_rs_func = NULL; pxCtx->privKeyInfo.sign_rs_func = NULL;
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
pxCtx->privKeyInfo.decrypt_func = NULL; pxCtx->privKeyInfo.decrypt_func = NULL;
pxCtx->privKeyInfo.encrypt_func = NULL; pxCtx->privKeyInfo.encrypt_func = NULL;
pxCtx->privKeyInfo.check_pair_func = NULL; pxCtx->privKeyInfo.check_pair_func = NULL;
pxCtx->privKeyInfo.ctx_alloc_func = NULL; pxCtx->privKeyInfo.ctx_alloc_func = NULL;
pxCtx->privKeyInfo.ctx_free_func = NULL; pxCtx->privKeyInfo.ctx_free_func = NULL;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined( MBEDTLS_ECDSA_C ) && defined( MBEDTLS_ECP_RESTARTABLE )
pxCtx->privKeyInfo.rs_alloc_func = NULL; pxCtx->privKeyInfo.rs_alloc_func = NULL;
pxCtx->privKeyInfo.rs_free_func = NULL; pxCtx->privKeyInfo.rs_free_func = NULL;
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
pxCtx->privKeyInfo.debug_func = NULL; pxCtx->privKeyInfo.debug_func = NULL;
pxCtx->privKeyInfo.sign_func = privateKeySigningCallback; pxCtx->privKeyInfo.sign_func = privateKeySigningCallback;
@ -737,7 +737,7 @@ static int32_t privateKeySigningCallback( void * pvContext,
size_t xHashLen, size_t xHashLen,
unsigned char * pucSig, unsigned char * pucSig,
size_t * pxSigLen, size_t * pxSigLen,
int32_t ( * piRng )( void *, int32_t ( *piRng )( void *,
unsigned char *, unsigned char *,
size_t ), size_t ),
void * pvRng ) void * pvRng )
@ -923,7 +923,7 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
BaseType_t tlsStatus = 0; BaseType_t tlsStatus = 0;
if( pNetworkContext != NULL && pNetworkContext->pParams != NULL ) if( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) )
{ {
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
/* Attempting to terminate TLS connection. */ /* Attempting to terminate TLS connection. */
@ -975,9 +975,25 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
}
else
{
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ), tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer, pBuffer,
bytesToRecv ); bytesToRecv );
@ -1005,6 +1021,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
{ {
/* Empty else marker. */ /* Empty else marker. */
} }
}
return tlsStatus; return tlsStatus;
} }
@ -1018,8 +1035,23 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
TlsTransportParams_t * pTlsTransportParams = NULL; TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
}
else
{
pTlsTransportParams = pNetworkContext->pParams; pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ), tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer, pBuffer,
@ -1048,6 +1080,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
{ {
/* Empty else marker. */ /* Empty else marker. */
} }
}
return tlsStatus; return tlsStatus;
} }

40
FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_plaintext/using_plaintext.c
View file

@ -133,8 +133,23 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
PlaintextTransportParams_t * pPlaintextTransportParams = NULL; PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 1; int32_t socketStatus = 1;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
socketStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
socketStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
socketStatus = -1;
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams; pPlaintextTransportParams = pNetworkContext->pParams;
/* The TCP socket may have a receive block time. If bytesToRecv is greater /* The TCP socket may have a receive block time. If bytesToRecv is greater
@ -158,6 +173,7 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
bytesToRecv, bytesToRecv,
0 ); 0 );
} }
}
return socketStatus; return socketStatus;
} }
@ -169,8 +185,23 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
PlaintextTransportParams_t * pPlaintextTransportParams = NULL; PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 0; int32_t socketStatus = 0;
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) ); if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
socketStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
socketStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
socketStatus = -1;
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams; pPlaintextTransportParams = pNetworkContext->pParams;
socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket, socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket,
pBuffer, pBuffer,
@ -194,6 +225,7 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
taskYIELD(); taskYIELD();
} }
#endif #endif
}
return socketStatus; return socketStatus;
} }

44
FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_wolfSSL/using_wolfSSL.c
View file

@ -482,7 +482,26 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
{ {
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
int iResult = 0; int iResult = 0;
WOLFSSL * pSsl = pNetworkContext->sslContext.ssl; WOLFSSL * pSsl = NULL;
if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToRecv == 0 )
{
LogError( ( "invalid input, bytesToRecv == 0" ) );
tlsStatus = -1;
}
else
{
pSsl = pNetworkContext->sslContext.ssl;
iResult = wolfSSL_read( pSsl, pBuffer, bytesToRecv ); iResult = wolfSSL_read( pSsl, pBuffer, bytesToRecv );
@ -500,6 +519,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
LogError( ( "Error from wolfSSL_read %d : %s ", LogError( ( "Error from wolfSSL_read %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) ); iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
} }
}
return tlsStatus; return tlsStatus;
} }
@ -512,7 +532,26 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
{ {
int32_t tlsStatus = 0; int32_t tlsStatus = 0;
int iResult = 0; int iResult = 0;
WOLFSSL * pSsl = pNetworkContext->sslContext.ssl; WOLFSSL * pSsl = NULL;
if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
{
LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
tlsStatus = -1;
}
else if( pBuffer == NULL )
{
LogError( ( "invalid input, pBuffer == NULL" ) );
tlsStatus = -1;
}
else if( bytesToSend == 0 )
{
LogError( ( "invalid input, bytesToSend == 0" ) );
tlsStatus = -1;
}
else
{
pSsl = pNetworkContext->sslContext.ssl;
iResult = wolfSSL_write( pSsl, pBuffer, bytesToSend ); iResult = wolfSSL_write( pSsl, pBuffer, bytesToSend );
@ -530,6 +569,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
LogError( ( "Error from wolfSL_write %d : %s ", LogError( ( "Error from wolfSL_write %d : %s ",
iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) ); iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
} }
}
return tlsStatus; return tlsStatus;
} }