Return error if invalid input detected in transport layer (Send/Recv) (#773)

* return error if invalid input detected in transport layer

FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/using_mbedtls.c

@@ -773,9 +773,25 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
     TlsTransportParams_t * pTlsTransportParams = NULL;
     int32_t tlsStatus = 0;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToRecv == 0 )
+    {
+        LogError( ( "invalid input, bytesToRecv == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
         pTlsTransportParams = pNetworkContext->pParams;
+
         tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
                                                   pBuffer,
                                                   bytesToRecv );
@@ -803,6 +819,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
         {
             /* Empty else marker. */
         }
+    }
 
     return tlsStatus;
 }
@@ -815,9 +832,25 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
     TlsTransportParams_t * pTlsTransportParams = NULL;
     int32_t tlsStatus = 0;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToSend == 0 )
+    {
+        LogError( ( "invalid input, bytesToSend == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
         pTlsTransportParams = pNetworkContext->pParams;
+
         tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
                                                    pBuffer,
                                                    bytesToSend );
@@ -845,6 +878,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
         {
             /* Empty else marker. */
         }
+    }
 
     return tlsStatus;
 }

FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls_pkcs11/using_mbedtls_pkcs11.c

@@ -923,7 +923,7 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
     TlsTransportParams_t * pTlsTransportParams = NULL;
     BaseType_t tlsStatus = 0;
 
-    if( pNetworkContext != NULL && pNetworkContext->pParams != NULL )
+    if( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) )
     {
         pTlsTransportParams = pNetworkContext->pParams;
         /* Attempting to terminate TLS connection. */
@@ -975,9 +975,25 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
     TlsTransportParams_t * pTlsTransportParams = NULL;
     int32_t tlsStatus = 0;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToRecv == 0 )
+    {
+        LogError( ( "invalid input, bytesToRecv == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
         pTlsTransportParams = pNetworkContext->pParams;
+
         tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
                                                   pBuffer,
                                                   bytesToRecv );
@@ -1005,6 +1021,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
         {
             /* Empty else marker. */
         }
+    }
 
     return tlsStatus;
 }
@@ -1018,8 +1035,23 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
     TlsTransportParams_t * pTlsTransportParams = NULL;
     int32_t tlsStatus = 0;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToSend == 0 )
+    {
+        LogError( ( "invalid input, bytesToSend == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
         pTlsTransportParams = pNetworkContext->pParams;
         tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
                                                    pBuffer,
@@ -1048,6 +1080,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
         {
             /* Empty else marker. */
         }
+    }
 
     return tlsStatus;
 }

FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_plaintext/using_plaintext.c

@@ -133,8 +133,23 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
     PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
     int32_t socketStatus = 1;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        socketStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        socketStatus = -1;
+    }
+    else if( bytesToRecv == 0 )
+    {
+        LogError( ( "invalid input, bytesToRecv == 0" ) );
+        socketStatus = -1;
+    }
+    else
+    {
         pPlaintextTransportParams = pNetworkContext->pParams;
 
         /* The TCP socket may have a receive block time.  If bytesToRecv is greater
@@ -158,6 +173,7 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
                                           bytesToRecv,
                                           0 );
         }
+    }
 
     return socketStatus;
 }
@@ -169,8 +185,23 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
     PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
     int32_t socketStatus = 0;
 
-    configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
-
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        socketStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        socketStatus = -1;
+    }
+    else if( bytesToSend == 0 )
+    {
+        LogError( ( "invalid input, bytesToSend == 0" ) );
+        socketStatus = -1;
+    }
+    else
+    {
         pPlaintextTransportParams = pNetworkContext->pParams;
         socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket,
                                       pBuffer,
@@ -194,6 +225,7 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
                 taskYIELD();
             }
         #endif
+    }
 
     return socketStatus;
 }

FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_wolfSSL/using_wolfSSL.c

@@ -482,7 +482,26 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
 {
     int32_t tlsStatus = 0;
     int iResult = 0;
-    WOLFSSL * pSsl = pNetworkContext->sslContext.ssl;
+    WOLFSSL * pSsl = NULL;
+
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToRecv == 0 )
+    {
+        LogError( ( "invalid input, bytesToRecv == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
+        pSsl = pNetworkContext->sslContext.ssl;
 
         iResult = wolfSSL_read( pSsl, pBuffer, bytesToRecv );
 
@@ -500,6 +519,7 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
             LogError( ( "Error from wolfSSL_read %d : %s ",
                         iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
         }
+    }
 
     return tlsStatus;
 }
@@ -512,7 +532,26 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
 {
     int32_t tlsStatus = 0;
     int iResult = 0;
-    WOLFSSL * pSsl = pNetworkContext->sslContext.ssl;
+    WOLFSSL * pSsl = NULL;
+
+    if( ( pNetworkContext == NULL ) || ( pNetworkContext->sslContext.ssl == NULL ) )
+    {
+        LogError( ( "invalid input, pNetworkContext=%p", pNetworkContext ) );
+        tlsStatus = -1;
+    }
+    else if( pBuffer == NULL )
+    {
+        LogError( ( "invalid input, pBuffer == NULL" ) );
+        tlsStatus = -1;
+    }
+    else if( bytesToSend == 0 )
+    {
+        LogError( ( "invalid input, bytesToSend == 0" ) );
+        tlsStatus = -1;
+    }
+    else
+    {
+        pSsl = pNetworkContext->sslContext.ssl;
 
         iResult = wolfSSL_write( pSsl, pBuffer, bytesToSend );
 
@@ -530,6 +569,7 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
             LogError( ( "Error from wolfSL_write %d : %s ",
                         iResult, wolfSSL_ERR_reason_error_string( tlsStatus ) ) );
         }
+    }
 
     return tlsStatus;
 }