--- libaitrpc/src/cli.c 2010/07/12 08:46:41 1.1.1.1.2.6 +++ libaitrpc/src/cli.c 2011/07/14 02:39:52 1.2.2.3 @@ -3,9 +3,46 @@ * by Michael Pounov * * $Author: misho $ -* $Id: cli.c,v 1.1.1.1.2.6 2010/07/12 08:46:41 misho Exp $ +* $Id: cli.c,v 1.2.2.3 2011/07/14 02:39:52 misho Exp $ * -*************************************************************************/ +************************************************************************** +The ELWIX and AITNET software is distributed under the following +terms: + +All of the documentation and software included in the ELWIX and AITNET +Releases is copyrighted by ELWIX - Sofia/Bulgaria + +Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 + by Michael Pounov . All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: +This product includes software developed by Michael Pounov +ELWIX - Embedded LightWeight unIX and its contributors. +4. Neither the name of AITNET nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY AITNET AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. +*/ #include "global.h" @@ -214,7 +251,7 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, fd_set fds; u_char buf[BUFSIZ], str[MAXPATHLEN + UCHAR_MAX + 1], *data; struct tagRPCCall *rpc = (struct tagRPCCall*) buf; - struct tagRPCRet *rrpc; + struct tagRPCRet *rrpc = NULL; int ret = 0, Limit = 0; register int i; rpc_val_t *v; @@ -239,8 +276,12 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, Limit = sizeof(struct tagRPCCall); if (in_argc) { v = (rpc_val_t*) (buf + sizeof(struct tagRPCCall)); + if (in_argc * sizeof(rpc_val_t) > BUFSIZ - Limit) { + rpc_SetErr(EMSGSIZE, "Error:: in prepare RPC packet values (-7) ...\n"); + return -7; + } else + Limit += in_argc * sizeof(rpc_val_t); memcpy(v, in_vals, in_argc * sizeof(rpc_val_t)); - Limit += in_argc * sizeof(rpc_val_t); data = (u_char*) v + in_argc * sizeof(rpc_val_t); for (i = 0; i < in_argc; i++) { switch (in_vals[i].val_type) { @@ -256,15 +297,15 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, Limit += in_vals[i].val_len; break; case string: - if (Limit + in_vals[i].val_len + 1 > BUFSIZ) { + if (Limit + in_vals[i].val_len > BUFSIZ) { ret = -7; break; } memcpy(data, in_vals[i].val.string, in_vals[i].val_len); v[i].val.string = (int8_t*) ((void*) data - (void*) v); - data += in_vals[i].val_len + 1; - Limit += in_vals[i].val_len + 1; + data += in_vals[i].val_len; + Limit += in_vals[i].val_len; break; default: break; @@ -280,7 +321,7 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, return -1; } if (ret != Limit) { - rpc_SetErr(EBADMSG, "Error:: in send RPC request, should be send %d bytes, really is %d\n", + rpc_SetErr(ECANCELED, "Error:: in send RPC request, should be send %d bytes, really is %d\n", Limit, ret); return -9; } @@ -298,14 +339,14 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, LOGERR; return -3; } - if (!ret) // receive EOF + if (!ret) /* receive EOF! */ return 0; if (ret < sizeof(struct tagRPCRet)) { rpc_SetErr(EMSGSIZE, "Error:: too short RPC packet ...\n"); return -4; } else rrpc = (struct tagRPCRet*) buf; - // check RPC packet session info + /* check RPC packet session info */ if (memcmp(&rrpc->ret_session, cli->cli_parent, sizeof rrpc->ret_session)) { rpc_SetErr(EINVAL, "Error:: get invalid RPC session ...\n"); return -5; @@ -321,7 +362,7 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, return -7; } else Limit += rrpc->ret_argc * sizeof(rpc_val_t); - // RPC is OK! Go decapsulate variables ... + /* RPC is OK! Go decapsulate variables ... */ if (rrpc->ret_argc) { *out_argc = rrpc->ret_argc; *out_vals = calloc(rrpc->ret_argc, sizeof(rpc_val_t)); @@ -331,7 +372,7 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, return -1; } else memcpy(*out_vals, buf + sizeof(struct tagRPCRet), Limit - sizeof(struct tagRPCRet)); - // RPC received variables types OK! + /* RPC received variables types OK! */ data = (u_char*) buf + Limit; for (i = 0; i < rrpc->ret_argc; i++) switch ((*out_vals)[i].val_type) { @@ -357,24 +398,25 @@ rpc_cli_execCall(rpc_cli_t *cli, const char *csModule, data += (*out_vals)[i].val_len; break; case string: - if ((*out_vals)[i].val_len + 1 > BUFSIZ - Limit) { + if ((*out_vals)[i].val_len > BUFSIZ - Limit) { rpc_SetErr(EMSGSIZE, "Error:: Too big RPC packet ...\n"); free(*out_vals); *out_vals = NULL; *out_argc = 0; return -7; } else - Limit += (*out_vals)[i].val_len + 1; + Limit += (*out_vals)[i].val_len; - (*out_vals)[i].val.string = (int8_t*) strdup((char*) data); + (*out_vals)[i].val.string = malloc((*out_vals)[i].val_len); if (!(*out_vals)[i].val.string) { rpc_SetErr(errno, "Error:: in prepare RPC reply ...\n"); free(*out_vals); *out_vals = NULL; *out_argc = 0; return -1; - } - data += (*out_vals)[i].val_len + 1; + } else + memcpy((*out_vals)[i].val.string, data, (*out_vals)[i].val_len); + data += (*out_vals)[i].val_len; break; default: break;