diff --git a/source/core/wifi_ctrl.c b/source/core/wifi_ctrl.c index 3a57c3eda..47da8e653 100644 --- a/source/core/wifi_ctrl.c +++ b/source/core/wifi_ctrl.c @@ -905,7 +905,7 @@ bool get_notify_wifi_from_psm(char *PsmParamName) if (rc == bus_error_success) { strncpy(psm_notify_get, data.raw_data.bytes, (sizeof(psm_notify_get) - 1)); wifi_util_dbg_print(WIFI_CTRL, " PSMDB value=%s\n", psm_notify_get); - if ((psm_notify_get != NULL) && (strcmp(psm_notify_get, "true") == 0)) { + if (strcmp(psm_notify_get, "true") == 0) { psm_notify_flag = true; } else { psm_notify_flag = false; @@ -3242,7 +3242,7 @@ CHAR* getVAPName(UINT apIndex) for (vapArrayIndex = 0; vapArrayIndex < getNumberVAPsPerRadio(radioIndex); vapArrayIndex++) { if (apIndex == wifi_mgr->radio_config[radioIndex].vaps.vap_map.vap_array[vapArrayIndex].vap_index) { //wifi_util_dbg_print(WIFI_CTRL, "%s Input apIndex = %d found at radioIndex = %d vapArrayIndex = %d\n ", __FUNCTION__, apIndex, radioIndex, vapArrayIndex); - if((wifi_mgr->radio_config[radioIndex].vaps.rdk_vap_array[vapArrayIndex].vap_name != NULL) && (strlen((CHAR *)wifi_mgr->radio_config[radioIndex].vaps.rdk_vap_array[vapArrayIndex].vap_name) != 0)) { + if (strlen((CHAR *)wifi_mgr->radio_config[radioIndex].vaps.rdk_vap_array[vapArrayIndex].vap_name) != 0) { return (CHAR *)wifi_mgr->radio_config[radioIndex].vaps.rdk_vap_array[vapArrayIndex].vap_name; } else { return unused; diff --git a/source/core/wifi_ctrl_queue_handlers.c b/source/core/wifi_ctrl_queue_handlers.c index 8780d436f..10d33fdd7 100644 --- a/source/core/wifi_ctrl_queue_handlers.c +++ b/source/core/wifi_ctrl_queue_handlers.c @@ -3017,7 +3017,8 @@ int dfs_nop_start_timer(void *args) radarDetected_temp[sizeof(radarDetected_temp) - 1] = '\0'; - if( !strcmp(radarDetected_temp, " ") || radarDetected_temp == NULL ) { + if (!strcmp(radarDetected_temp, " ") ) + { wifi_util_error_print(WIFI_CTRL, "%s:%d No radar detected \n", __func__, __LINE__); return RETURN_ERR; } @@ -3063,7 +3064,7 @@ int dfs_nop_start_timer(void *args) radio_channel_param.channelWidth = dfs_radar_ch_bw; radio_channel_param.op_class = radio_params->operatingClass; - dfs_timer_secs = ((time_now - radar_detected_time)<(radio_params->DFSTimer * 60) && (time_now > radar_detected_time)) ? ( (radio_params->DFSTimer * 60) - (time_now - radar_detected_time)) : 0; + dfs_timer_secs = ((time_now - radar_detected_time) < ((long long)radio_params->DFSTimer * 60) && (time_now > radar_detected_time)) ? (((long long)radio_params->DFSTimer * 60) - (time_now - radar_detected_time)) : 0; if(dfs_timer_secs == 0) { update_db_radar_detected(radar_detected_ch_time); update_wifi_radio_config(RADIO_INDEX_DFS, radio_params, radio_feat); diff --git a/source/db/wifi_db_apis.c b/source/db/wifi_db_apis.c index fd0e23199..b0c06fa38 100644 --- a/source/db/wifi_db_apis.c +++ b/source/db/wifi_db_apis.c @@ -656,7 +656,6 @@ void callback_Wifi_Security_Config(ovsdb_update_monitor_t *mon, } pthread_mutex_lock(&g_wifidb->data_cache_lock); - l_security_cfg->mode = new_rec->security_mode; l_security_cfg->mode = new_rec->security_mode_new; l_security_cfg->encr = new_rec->encryption_method; @@ -1713,7 +1712,7 @@ int wifidb_update_interworking_config(char *vap_name, wifi_InterworkingElement_t } wifi_util_dbg_print(WIFI_DB,"%s:%d: Found %d records with key: %s in Wifi VAP table\n", __func__, __LINE__, count, vap_name); - strcpy(cfg.vap_name, vap_name); + snprintf(cfg.vap_name, sizeof(cfg.vap_name), "%s", vap_name); cfg.enable = interworking->interworkingEnabled; cfg.access_network_type = interworking->accessNetworkType; cfg.internet = interworking->internetAvailable; @@ -1844,7 +1843,6 @@ void wifidb_print_interworking_config () } free(pcfg); - pcfg = NULL; } } } @@ -2348,12 +2346,12 @@ int wifidb_update_wifi_vap_config(int radio_index, wifi_vap_info_map_t *config, uint8_t vap_index = 0; char name[BUFFER_LENGTH_WIFIDB]; - wifi_util_dbg_print(WIFI_DB,"%s:%d:VAP Config update for radio index=%d No of Vaps=%d\n",__func__, __LINE__,radio_index,config->num_vaps); if((config == NULL) || (convert_radio_to_name(radio_index,name)!=0)) { wifidb_print("%s:%d WIFI DB update error !!!. Failed to update Vap Config - Null pointer \n",__func__, __LINE__); return -1; } + wifi_util_dbg_print(WIFI_DB,"%s:%d:VAP Config update for radio index=%d No of Vaps=%d\n",__func__, __LINE__,radio_index,config->num_vaps); for(i=0;inum_vaps;i++) { wifidb_print("%s:%d Updated WIFI DB. vap Config updated successful for radio %s and vap_name %s. \n",__func__, __LINE__,name,config->vap_array[i].vap_name); @@ -2874,7 +2872,7 @@ int wifidb_update_preassoc_ctrl_config(char *vap_name, wifi_preassoc_control_t * return -1; } - strcpy(cfg.vap_name, vap_name); + snprintf(cfg.vap_name, sizeof(cfg.vap_name), "%s", vap_name); strcpy(cfg.rssi_up_threshold, preassoc->rssi_up_threshold); strcpy(cfg.snr_threshold, preassoc->snr_threshold); strcpy(cfg.cu_threshold, preassoc->cu_threshold); @@ -2960,7 +2958,7 @@ int wifidb_update_postassoc_ctrl_config(char *vap_name, wifi_postassoc_control_t return -1; } - strcpy(cfg.vap_name, vap_name); + snprintf(cfg.vap_name, sizeof(cfg.vap_name), "%s", vap_name); strcpy(cfg.rssi_up_threshold, postassoc->rssi_up_threshold); strcpy(cfg.sampling_interval, postassoc->sampling_interval); strcpy(cfg.snr_threshold, postassoc->snr_threshold); @@ -3357,7 +3355,7 @@ int wifidb_get_wifi_global_config(wifi_global_param_t *config) config->force_disable_radio_status = pcfg->force_disable_radio_status; config->fixed_wmm_params = pcfg->fixed_wmm_params; if (strlen(pcfg->wifi_region_code) != 0) { - strncpy(config->wifi_region_code,pcfg->wifi_region_code,sizeof(config->wifi_region_code)-1); + snprintf(config->wifi_region_code, sizeof(config->wifi_region_code), "%s", pcfg->wifi_region_code); } config->diagnostic_enable = pcfg->diagnostic_enable; config->validate_ssid = pcfg->validate_ssid; @@ -4716,7 +4714,7 @@ static void wifidb_radio_config_upgrade(unsigned int index, wifi_radio_operation wifi_mgr_t *g_wifidb = get_wifimgr_obj(); unsigned int total_radios = getNumberRadios(); - if (index < 0 || index >= total_radios) + if (index >= total_radios) { wifi_util_error_print(WIFI_DB,"%s:%d Invalid radio index\n", __func__, __LINE__); return; @@ -6383,6 +6381,7 @@ int wifidb_update_wifi_macfilter_config(char *macfilter_key, acl_entry_t *config char *vap_name = NULL; json_t *where; int ret = 0; + int vap_index = -1; rdk_wifi_vap_info_t *l_rdk_vap_array = NULL; wifi_mac_entry_param_t l_mac_entry; memset(&l_mac_entry, 0, sizeof(l_mac_entry)); @@ -6394,7 +6393,12 @@ int wifidb_update_wifi_macfilter_config(char *macfilter_key, acl_entry_t *config if (!add) { where = onewifi_ovsdb_tran_cond(OCLM_STR, "macfilter_key", OFUNC_EQ, macfilter_key); ret = onewifi_ovsdb_table_delete_where(g_wifidb->wifidb_sock_path, &table_Wifi_MacFilter_Config, where); - l_mac_entry.vap_index = convert_vap_name_to_index(&((wifi_mgr_t*) get_wifimgr_obj())->hal_cap.wifi_prop, vap_name); + vap_index = convert_vap_name_to_index(&((wifi_mgr_t*) get_wifimgr_obj())->hal_cap.wifi_prop, vap_name); + if (vap_index == -1) { + wifi_util_dbg_print(WIFI_DB,"%s:%d: Unable to get vap index for vap_name %s\n", __func__, __LINE__, vap_name); + return -1; + } + l_mac_entry.vap_index = (unsigned char) vap_index; wifidb_print("%s:%d vap_name:%s key:%s\n",__func__, __LINE__, vap_name, macfilter_key); memset(tmp_mac_str, 0, sizeof(tmp_mac_str)); to_mac_str(config->mac, tmp_mac_str); @@ -6434,11 +6438,12 @@ int wifidb_update_wifi_macfilter_config(char *macfilter_key, acl_entry_t *config snprintf(cfg_mac.macfilter_key, sizeof(cfg_mac.macfilter_key), "%s", macfilter_key); wifi_util_dbg_print(WIFI_DB,"%s:%d: updating table wifi_macfilter_config table entry is device_mac %s, device_name %s,macfilter_key %s reason %d and expiry_time %d\n", __func__, __LINE__, cfg_mac.device_mac, cfg_mac.device_name, cfg_mac.macfilter_key,cfg_mac.reason,cfg_mac.expiry_time); - l_mac_entry.vap_index = convert_vap_name_to_index(&((wifi_mgr_t*) get_wifimgr_obj())->hal_cap.wifi_prop, vap_name); - if (l_mac_entry.vap_index == -1) { + vap_index = convert_vap_name_to_index(&((wifi_mgr_t*) get_wifimgr_obj())->hal_cap.wifi_prop, vap_name); + if (vap_index == -1) { wifi_util_dbg_print(WIFI_DB,"%s:%d: Unable to get vap index for vap_name %s\n", __func__, __LINE__, vap_name); return -1; } + l_mac_entry.vap_index = (unsigned char) vap_index; l_rdk_vap_array = get_wifidb_rdk_vap_info(l_mac_entry.vap_index); if (l_rdk_vap_array == NULL) { wifi_util_dbg_print(WIFI_DB,"%s:%d: Unable to find vap_array for vap_index %d\n", __func__, __LINE__, l_mac_entry.vap_index); @@ -8759,7 +8764,7 @@ void get_psm_mac_list_entry(unsigned int instance_number, char *l_vap_name, unsi snprintf(recName, sizeof(recName), MacFilterDevice, instance_number, index); str = p_ccsp_desc->psm_get_value_fn(recName, strValue, sizeof(strValue)); if (str != NULL) { - strcpy(temp_psm_mac_param->device_name, str); + snprintf(temp_psm_mac_param->device_name, sizeof(temp_psm_mac_param->device_name), "%s", str); wifi_util_dbg_print(WIFI_MGR,"psm get device_name is %s\r\n", str); } else { wifi_util_dbg_print(WIFI_MGR,"[Failure] psm record_name: %s\n", recName); @@ -8981,7 +8986,7 @@ int get_vap_params_from_psm(unsigned int vap_index, wifi_vap_info_t *vap_config, snprintf(recName, sizeof(recName), BeaconRateCtl, instance_number); str = p_ccsp_desc->psm_get_value_fn(recName, strValue, sizeof(strValue)); if (str != NULL) { - strcpy(bss_cfg->beaconRateCtl,str); + snprintf(bss_cfg->beaconRateCtl, sizeof(bss_cfg->beaconRateCtl), "%s", str); wifi_util_dbg_print(WIFI_MGR,"bss_cfg->beaconRateCtl is %s and str is %s \r\n", bss_cfg->beaconRateCtl, str); } else { wifi_util_dbg_print(WIFI_MGR,"%s:%d str value for beaconRateCtl:%s \r\n", __func__, __LINE__, str); diff --git a/source/dml/tr_181/ml/cosa_apis_util.c b/source/dml/tr_181/ml/cosa_apis_util.c index a3c5f31c5..0c3e16257 100755 --- a/source/dml/tr_181/ml/cosa_apis_util.c +++ b/source/dml/tr_181/ml/cosa_apis_util.c @@ -129,7 +129,7 @@ CosaUtilGetIfAddr struct ifreq ifr; int fd = 0; - strcpy(ifr.ifr_name, netdev); + snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s", netdev); if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) >= 0) { @@ -264,7 +264,7 @@ CosaUtilGetLowerLayers while ((pTableStringToken = AnscTcUnlinkToken(pTableListTokenChain))) { - if ( pTableStringToken->Name ) + if ( pTableStringToken->Name[0] != '\0' ) { if ( AnscEqualString(pTableStringToken->Name, "Device.Ethernet.Interface.", TRUE ) ) { @@ -527,7 +527,7 @@ CosaUtilGetFullPathNameByKeyword while ((pTableStringToken = AnscTcUnlinkToken(pTableListTokenChain))) { - if ( pTableStringToken->Name ) + if ( pTableStringToken->Name[0] != '\0' ) { /* Get the string XXXNumberOfEntries */ pString2 = (PUCHAR)&pTableStringToken->Name[0]; diff --git a/source/dml/tr_181/ml/cosa_harvester_dml.c b/source/dml/tr_181/ml/cosa_harvester_dml.c index 0ac142bd2..c4692626f 100644 --- a/source/dml/tr_181/ml/cosa_harvester_dml.c +++ b/source/dml/tr_181/ml/cosa_harvester_dml.c @@ -761,7 +761,7 @@ ActiveMeasurements_Plan_SetParamStringValue } else { AnscTraceWarning(("%s : Plan ID is not same\n", __func__)); - strncpy((char*)pcfg->PlanId, pValue, strlen(pValue)); + snprintf((char*)pcfg->PlanId, sizeof(pcfg->PlanId), "%s", pValue); /* Reset all the step information when plan id changes */ if (ANSC_STATUS_SUCCESS != CosaDmlWiFiClient_ResetActiveMsmtStep(pcfg)) { AnscTraceWarning(("%s : resetting Active measurement Step Information failed\n", __FUNCTION__)); @@ -982,13 +982,13 @@ ActiveMeasurement_Step_SetParamStringValue } if (AnscEqualString(ParamName, "SourceMac", TRUE)) { - strcpy( (char*)pcfg->Step[StepIns].SrcMac,pValue); + snprintf((char*)pcfg->Step[StepIns].SrcMac, sizeof(pcfg->Step[StepIns].SrcMac), "%s", pValue); wifi_util_dbg_print(WIFI_DMCLI,"%s:%d \n",(char*)pcfg->Step[StepIns].SrcMac ,StepIns); return TRUE; } if (AnscEqualString(ParamName, "DestMac", TRUE)) { - strcpy((char*) pcfg->Step[StepIns].DestMac,pValue); + snprintf((char*)pcfg->Step[StepIns].DestMac, sizeof(pcfg->Step[StepIns].DestMac), "%s", pValue); wifi_util_dbg_print(WIFI_DMCLI,"%s:%d \n",(char*)pcfg->Step[StepIns].DestMac ,StepIns); return TRUE; } diff --git a/source/dml/tr_181/ml/cosa_wifi_dml.c b/source/dml/tr_181/ml/cosa_wifi_dml.c index b992ac911..df1208015 100755 --- a/source/dml/tr_181/ml/cosa_wifi_dml.c +++ b/source/dml/tr_181/ml/cosa_wifi_dml.c @@ -5040,7 +5040,7 @@ BOOL AMSDU_TID_SetParamBoolValue(ANSC_HANDLE hInsContext, char *ParamName, BOOL return FALSE; } - if ((radio_instance_number < 0) || (radio_instance_number > (INT)get_num_radio_dml())) + if (radio_instance_number > (INT)get_num_radio_dml()) { wifi_util_dbg_print(WIFI_DMCLI,"%s:%d Radio instanceNumber:%d out of range\n", __func__, __LINE__, radio_instance_number); return FALSE; @@ -5122,7 +5122,7 @@ BOOL AMSDU_TID_GetParamBoolValue(ANSC_HANDLE hInsContext, char *ParamName, BOOL return FALSE; } - if ((radio_instance_number < 0) || (radio_instance_number > (INT)get_num_radio_dml())) + if (radio_instance_number > (INT)get_num_radio_dml()) { wifi_util_dbg_print(WIFI_DMCLI,"%s:%d Radio instanceNumber:%d out of range\n", __func__, __LINE__, radio_instance_number); return FALSE; @@ -6616,7 +6616,7 @@ AccessPoint_GetEntry wifi_vap_info_t * vapInfo = NULL; wifi_util_dbg_print(WIFI_DMCLI,"%s:%d: total number of vaps:%d nIndex:%d\n",__func__, __LINE__, get_total_num_vap_dml(), nIndex); - if ( nIndex >= 0 && nIndex <= (UINT)get_total_num_vap_dml() ) + if (nIndex <= (UINT)get_total_num_vap_dml() ) { UINT vapIndex = VAP_INDEX(((webconfig_dml_t *)get_webconfig_dml())->hal_cap, nIndex); wifi_util_dbg_print(WIFI_DMCLI,"%s:%d: nIndex:%d -> vapIndex:%d\n", __func__, __LINE__, nIndex, vapIndex); @@ -13407,7 +13407,15 @@ InterworkingElement_SetParamStringValue /* check the parameter name and return the corresponding value */ if( AnscEqualString(ParamName, "HESSID", TRUE)) { - AnscCopyString(vapInfo->u.bss_info.interworking.interworking.hessid, pString); + if (strnlen(pString, sizeof(vapInfo->u.bss_info.interworking.interworking.hessid)) < sizeof(vapInfo->u.bss_info.interworking.interworking.hessid)) + { + AnscCopyString((char*)vapInfo->u.bss_info.interworking.interworking.hessid, (char*)pString); + } + else + { + wifi_util_dbg_print(WIFI_DMCLI,"%s:%d HESSID length is more than expected\n", __FUNCTION__, __LINE__); + return FALSE; + } set_dml_cache_vap_config_changed(instance_number - 1); return TRUE; } @@ -13470,7 +13478,8 @@ InterworkingElement_Validate } //VenueGroup must be greater or equal to 0 and less than 12 - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueGroup < 12) && (vap_pcfg->u.bss_info.interworking.interworking.venueGroup >= 0))) { + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueGroup < 12)) + { AnscCopyString(pReturnParamName, "Group"); *puLength = AnscSizeOfString("Group"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), VenueGroup validation error!!!\n", __func__)); @@ -13489,43 +13498,43 @@ InterworkingElement_Validate } break; case 1: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 16) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 16)) { updateInvalidType = 1; } break; case 2: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 10) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 10)) { updateInvalidType = 1; } break; case 3: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 4) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 4)) { updateInvalidType = 1; } break; case 4: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 2) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 2)) { updateInvalidType = 1; } break; case 5: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 6) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 6)) { updateInvalidType = 1; } break; case 6: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 6) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 6)) { updateInvalidType = 1; } break; case 7: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 5) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 5)) { updateInvalidType = 1; } @@ -13544,13 +13553,13 @@ InterworkingElement_Validate } break; case 10: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 8) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 8)) { updateInvalidType = 1; } break; case 11: - if (!((vap_pcfg->u.bss_info.interworking.interworking.venueType < 7) && (vap_pcfg->u.bss_info.interworking.interworking.venueType >= 0))) + if (!(vap_pcfg->u.bss_info.interworking.interworking.venueType < 7)) { updateInvalidType = 1; } @@ -13567,7 +13576,7 @@ InterworkingElement_Validate } //AccessNetworkType must be greater or equal to 0 and less than 16 - if (!(((vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType < 6) && (vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType >= 0)) || ((vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType < 16) && (vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType > 13)))) + if (!((vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType < 6) || ((vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType < 16) && (vap_pcfg->u.bss_info.interworking.interworking.accessNetworkType > 13)))) { AnscCopyString(pReturnParamName, "AccessNetworkType"); *puLength = AnscSizeOfString("AccessNetworkType"); @@ -13576,7 +13585,8 @@ InterworkingElement_Validate } //InternetAvailable must be greater or equal to 0 and less than 2 - if ((vap_pcfg->u.bss_info.interworking.interworking.internetAvailable < 0) || (vap_pcfg->u.bss_info.interworking.interworking.internetAvailable > 1)) { + if (vap_pcfg->u.bss_info.interworking.interworking.internetAvailable > 1) + { AnscCopyString(pReturnParamName, "InternetAvailable"); *puLength = AnscSizeOfString("InternetAvailable"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), Internet validation error!!!\n", __func__)); @@ -13584,7 +13594,8 @@ InterworkingElement_Validate } //ASRA must be greater or equal to 0 and less than 2 - if ((vap_pcfg->u.bss_info.interworking.interworking.asra < 0) || (vap_pcfg->u.bss_info.interworking.interworking.asra > 1)) { + if (vap_pcfg->u.bss_info.interworking.interworking.asra > 1) + { AnscCopyString(pReturnParamName, "ASRA"); *puLength = AnscSizeOfString("ASRA"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), ASRA validation error!!!\n", __func__)); @@ -13592,7 +13603,8 @@ InterworkingElement_Validate } //ESR must be greater or equal to 0 and less than 2 - if ((vap_pcfg->u.bss_info.interworking.interworking.esr < 0) || (vap_pcfg->u.bss_info.interworking.interworking.esr > 1)) { + if (vap_pcfg->u.bss_info.interworking.interworking.esr > 1) + { AnscCopyString(pReturnParamName, "ESR"); *puLength = AnscSizeOfString("ESR"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), ESR validation error!!!\n", __func__)); @@ -13600,7 +13612,8 @@ InterworkingElement_Validate } //UESA must be greater or equal to 0 and less than 2 - if ((vap_pcfg->u.bss_info.interworking.interworking.uesa < 0) || (vap_pcfg->u.bss_info.interworking.interworking.uesa > 1)) { + if (vap_pcfg->u.bss_info.interworking.interworking.uesa > 1) + { AnscCopyString(pReturnParamName, "UESA"); *puLength = AnscSizeOfString("UESA"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), UESA validation error!!!\n", __func__)); @@ -13608,7 +13621,8 @@ InterworkingElement_Validate } //VenueOptionPresent must be greater or equal to 0 and less than 2 - if ((vap_pcfg->u.bss_info.interworking.interworking.venueOptionPresent < 0) || (vap_pcfg->u.bss_info.interworking.interworking.venueOptionPresent > 1)) { + if (vap_pcfg->u.bss_info.interworking.interworking.venueOptionPresent > 1) + { AnscCopyString(pReturnParamName, "VenueOptionPresent"); *puLength = AnscSizeOfString("VenueOptionPresent"); CcspWifiTrace(("RDK_LOG_ERROR,(%s), VenueOption validation error!!!\n", __func__)); @@ -20345,7 +20359,8 @@ InterworkingService_GetParamStringValue if( AnscEqualString(ParamName, "Parameters", TRUE)) { /* collect value */ - if(pcfg->anqp.anqpParameters){ + if(pcfg->anqp.anqpParameters[0] != '\0') + { if( AnscSizeOfString((char *)pcfg->anqp.anqpParameters) < *pUlSize) { AnscCopyString(pValue, (char *)pcfg->anqp.anqpParameters); @@ -20592,7 +20607,8 @@ Passpoint_GetParamStringValue /* check the parameter name and return the corresponding value */ if( AnscEqualString(ParamName, "Parameters", TRUE)) { - if(pcfg->passpoint.hs2Parameters) { + if(pcfg->passpoint.hs2Parameters[0] != '\0') + { if( AnscSizeOfString((char *)pcfg->passpoint.hs2Parameters) < *pUlSize) { AnscCopyString(pValue, (char *)pcfg->passpoint.hs2Parameters); @@ -20794,7 +20810,16 @@ Passpoint_SetParamStringValue wifi_util_dbg_print(WIFI_DMCLI,"%s:%d Invalid json for vap %s\n", __FUNCTION__,__LINE__,pcfg->vap_name); return FALSE; } - AnscCopyString((char*)vapInfo->u.bss_info.interworking.passpoint.hs2Parameters,pString); + if (strnlen(pString, sizeof(vapInfo->u.bss_info.interworking.passpoint.hs2Parameters)) < sizeof(vapInfo->u.bss_info.interworking.passpoint.hs2Parameters)) + { + AnscCopyString((char*)vapInfo->u.bss_info.interworking.passpoint.hs2Parameters,pString); + } + else + { + wifi_util_dbg_print(WIFI_DMCLI,"%s:%d Input string too long for vap %s\n", __FUNCTION__, __LINE__, pcfg->vap_name); + cJSON_Delete(p_root); + return FALSE; + } set_dml_cache_vap_config_changed(instance_number - 1); return TRUE; } diff --git a/source/dml/tr_181/ml/plugin_main.c b/source/dml/tr_181/ml/plugin_main.c index 3c88daf85..b67ac8549 100644 --- a/source/dml/tr_181/ml/plugin_main.c +++ b/source/dml/tr_181/ml/plugin_main.c @@ -238,7 +238,15 @@ COSA_Init if ((tmpSubsystemPrefix = g_GetSubsystemPrefix(g_pDslhDmlAgent))) { - AnscCopyString(g_SubSysPrefix_Irep, tmpSubsystemPrefix); + if (strnlen(tmpSubsystemPrefix, sizeof(g_SubSysPrefix_Irep)) < sizeof(g_SubSysPrefix_Irep)) + { + AnscCopyString(g_SubSysPrefix_Irep, tmpSubsystemPrefix); + } + else + { + wifi_util_error_print(WIFI_APPS, "%s:%d Subsystem prefix length is more than expected\n", __func__, __LINE__); + goto EXIT; + } } } diff --git a/source/dml/wifi_ssp/ssp_main.c b/source/dml/wifi_ssp/ssp_main.c index a834ee5f3..b3ae47832 100644 --- a/source/dml/wifi_ssp/ssp_main.c +++ b/source/dml/wifi_ssp/ssp_main.c @@ -421,7 +421,7 @@ bool drop_root() bool retval = false; syscfg_init(); syscfg_get( NULL, "NonRootSupport", buf, sizeof(buf)); - if(buf != NULL) { + if (buf[0] != '\0') { if(strncmp(buf, "true", strlen("true")) == 0) { if(init_capability() != NULL) { if(drop_root_caps(&appcaps) != -1) { diff --git a/source/sampleapps/webconfig_consumer_apis.c b/source/sampleapps/webconfig_consumer_apis.c index 1de787d01..59d204ac4 100644 --- a/source/sampleapps/webconfig_consumer_apis.c +++ b/source/sampleapps/webconfig_consumer_apis.c @@ -1822,7 +1822,7 @@ void generate_tunnel_event(bool status, rbusHandle_t handle) void copy_data(char *dest, char *src, unsigned char dest_len) { if (src != NULL) { - strcpy(dest, src); + snprintf(dest, dest_len, "%s", src); } else { memset(dest, 0 , dest_len); } diff --git a/source/sampleapps/webconfig_consumer_cli.c b/source/sampleapps/webconfig_consumer_cli.c index 4227de4d6..4d6f4c166 100644 --- a/source/sampleapps/webconfig_consumer_cli.c +++ b/source/sampleapps/webconfig_consumer_cli.c @@ -153,7 +153,7 @@ void delete_cli_thread(void) void *cli_input_func(void *arg) { - char input_char; + int input_char; unsigned char char_index = 0; bool space_detection = 0, allow_special_char = 0; char input_buff[128] = { 0 }; diff --git a/source/utils/wifi_validator.c b/source/utils/wifi_validator.c index d97ef70d5..8417ef6ba 100644 --- a/source/utils/wifi_validator.c +++ b/source/utils/wifi_validator.c @@ -721,11 +721,6 @@ static void validation_error_msg(const uint8_t group, const uint8_t type, pErr e static int checkVenueParams(const uint8_t venueGroup, const uint8_t venueType, pErr execRetVal) { - if (venueType > 15) { - validation_error_msg(venueGroup, venueType, execRetVal); - return RETURN_ERR; - } - switch (venueGroup) { case 0: if (venueType > 0) { @@ -1493,7 +1488,7 @@ int validate_vap(const cJSON *vap, wifi_vap_info_t *vap_info, wifi_platform_prop //VAP Name validate_param_string(vap, "VapName",param); - strcpy(vap_info->vap_name, param->valuestring); + snprintf(vap_info->vap_name, sizeof(vap_info->vap_name), "%s", param->valuestring); //Bridge Name validate_param_string(vap, "BridgeName", param); @@ -1501,7 +1496,7 @@ int validate_vap(const cJSON *vap, wifi_vap_info_t *vap_info, wifi_platform_prop // SSID validate_param_string(vap, "SSID", param); - strcpy(vap_info->u.bss_info.ssid, param->valuestring); + snprintf(vap_info->u.bss_info.ssid, sizeof(vap_info->u.bss_info.ssid), "%s", param->valuestring); if (validate_ssid_name(vap_info->u.bss_info.ssid, execRetVal) != RETURN_OK) { wifi_util_dbg_print(WIFI_PASSPOINT, "%s %d : Ssid name validation failed for %s\n",__FUNCTION__, __LINE__, vap_info->vap_name); @@ -1612,7 +1607,7 @@ int validate_vap(const cJSON *vap, wifi_vap_info_t *vap_info, wifi_platform_prop // BeaconRateCtl validate_param_string(vap, "BeaconRateCtl", param); - strcpy(vap_info->u.bss_info.beaconRateCtl, param->valuestring); + snprintf(vap_info->u.bss_info.beaconRateCtl, sizeof(vap_info->u.bss_info.beaconRateCtl), "%s", param->valuestring); // HostapMgtFrameCtrl validate_param_bool(vap, "HostapMgtFrameCtrl", param);