From 58d4f5d9dfacc82fa817b094b9914fe276d00215 Mon Sep 17 00:00:00 2001 From: swc Date: Tue, 20 Oct 2020 15:08:38 +0900 Subject: [PATCH] Applying bugfix corresponding static analysis - change in BuildRunName.h to prevent Deref_of_null_assign - buildInotify changed to prevent double-close - Added calloc fail checker in listener function - changed printBuffer size in receiveDataFromSctp to prevent stackoverflow Issue-ID: RIC-660 Signed-off-by: swc Change-Id: I012454d87c1e32f62cfdb96f7896bd6ad544e846 --- RIC-E2-TERMINATION/BuildRunName.h | 46 +++++++++++++++------------------------ RIC-E2-TERMINATION/sctpThread.cpp | 9 ++++---- 2 files changed, 23 insertions(+), 32 deletions(-) diff --git a/RIC-E2-TERMINATION/BuildRunName.h b/RIC-E2-TERMINATION/BuildRunName.h index e6eaccd..6aff4dc 100644 --- a/RIC-E2-TERMINATION/BuildRunName.h +++ b/RIC-E2-TERMINATION/BuildRunName.h @@ -95,23 +95,21 @@ int buildRanName(char *ranName, E2setupRequestIEs_t *ie) { } case GlobalE2node_ID_PR_ng_eNB: { auto *ngEnb = ie->value.choice.GlobalE2node_ID.choice.ng_eNB; - char *buf = (char *)ngEnb->global_ng_eNB_ID.plmn_id.buf; - char str[20] = {}; - BIT_STRING_t *data = nullptr; switch (ngEnb->global_ng_eNB_ID.enb_id.present) { case ENB_ID_Choice_PR_enb_ID_macro: { - strncpy(str, (const char *)"ng_enB_macro_", 13); - data = &ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_macro; + translatePlmnId(ranName, (const unsigned char *)ngEnb->global_ng_eNB_ID.plmn_id.buf, (const char *)"ng_enB_macro_"); + translateBitStringToChar(ranName, ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_macro); break; } case ENB_ID_Choice_PR_enb_ID_shortmacro: { - strncpy(str, (const char *)"ng_enB_shortmacro_", 18); - data = &ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_shortmacro; + translatePlmnId(ranName, (const unsigned char *)ngEnb->global_ng_eNB_ID.plmn_id.buf, (const char *)"ng_enB_shortmacro_"); + translateBitStringToChar(ranName, ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_shortmacro); break; } case ENB_ID_Choice_PR_enb_ID_longmacro: { - strncpy(str, (const char *)"ng_enB_longmacro_", 17); - data = &ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_longmacro; + translatePlmnId(ranName, (const unsigned char *)ngEnb->global_ng_eNB_ID.plmn_id.buf, (const char *)"ng_enB_longmacro_"); + translateBitStringToChar(ranName, ngEnb->global_ng_eNB_ID.enb_id.choice.enb_ID_longmacro); + break; } case ENB_ID_Choice_PR_NOTHING: { break; @@ -119,45 +117,37 @@ int buildRanName(char *ranName, E2setupRequestIEs_t *ie) { default: break; } - translatePlmnId(ranName, (const unsigned char *)buf, (const char *)str); - translateBitStringToChar(ranName, *data); - break; } case GlobalE2node_ID_PR_eNB: { auto *enb = ie->value.choice.GlobalE2node_ID.choice.eNB; - char *buf = (char *)enb->global_eNB_ID.pLMN_Identity.buf; - char str[20] = {}; - BIT_STRING_t *data = nullptr; - switch (enb->global_eNB_ID.eNB_ID.present) { case ENB_ID_PR_macro_eNB_ID: { - strncpy(str, (const char *)"enB_macro_", 10); - data = &enb->global_eNB_ID.eNB_ID.choice.macro_eNB_ID; + translatePlmnId(ranName, (const unsigned char *)enb->global_eNB_ID.pLMN_Identity.buf, (const char *)"enB_macro_"); + translateBitStringToChar(ranName, enb->global_eNB_ID.eNB_ID.choice.macro_eNB_ID); break; } case ENB_ID_PR_home_eNB_ID: { - strncpy(str, (const char *)"enB_home_", 9); - data = &enb->global_eNB_ID.eNB_ID.choice.home_eNB_ID; + translatePlmnId(ranName, (const unsigned char *)enb->global_eNB_ID.pLMN_Identity.buf, (const char *)"enB_home_"); + translateBitStringToChar(ranName, enb->global_eNB_ID.eNB_ID.choice.home_eNB_ID); break; } case ENB_ID_PR_short_Macro_eNB_ID: { - strncpy(str, (const char *)"enB_shortmacro_", 15); - data = &enb->global_eNB_ID.eNB_ID.choice.short_Macro_eNB_ID; + translatePlmnId(ranName, (const unsigned char *)enb->global_eNB_ID.pLMN_Identity.buf, (const char *)"enB_shortmacro_"); + translateBitStringToChar(ranName, enb->global_eNB_ID.eNB_ID.choice.short_Macro_eNB_ID); break; } case ENB_ID_PR_long_Macro_eNB_ID: { - strncpy(str, (const char *)"enB_longmacro_", 14); - data = &enb->global_eNB_ID.eNB_ID.choice.long_Macro_eNB_ID; + translatePlmnId(ranName, (const unsigned char *)enb->global_eNB_ID.pLMN_Identity.buf, (const char *)"enB_longmacro_"); + translateBitStringToChar(ranName, enb->global_eNB_ID.eNB_ID.choice.long_Macro_eNB_ID); + break; + } + case ENB_ID_PR_NOTHING: { break; } - case ENB_ID_PR_NOTHING: default: { break; } } - translatePlmnId(ranName, (const unsigned char *)buf, (const char *)str); - translateBitStringToChar(ranName, *data); - break; } case GlobalE2node_ID_PR_NOTHING: default: diff --git a/RIC-E2-TERMINATION/sctpThread.cpp b/RIC-E2-TERMINATION/sctpThread.cpp index 817b0c2..130f246 100644 --- a/RIC-E2-TERMINATION/sctpThread.cpp +++ b/RIC-E2-TERMINATION/sctpThread.cpp @@ -500,9 +500,6 @@ int buildInotify(sctp_params_t &sctpParams) { sctpParams.inotifyFD = inotify_init1(IN_NONBLOCK); if (sctpParams.inotifyFD == -1) { mdclog_write(MDCLOG_ERR, "Failed to init inotify (inotify_init1) %s", strerror(errno)); - close(sctpParams.rmrListenFd); - rmr_close(sctpParams.rmrCtx); - close(sctpParams.epoll_fd); return -1; } @@ -631,6 +628,10 @@ void listener(sctp_params_t *params) { in_len = sizeof(in_addr); auto *peerInfo = (ConnectedCU_t *)calloc(1, sizeof(ConnectedCU_t)); + if(peerInfo == NULL){ + mdclog_write(MDCLOG_ERR, "calloc failed"); + break; + } peerInfo->sctpParams = params; peerInfo->fileDescriptor = accept(params->listenFD, &in_addr, &in_len); if (peerInfo->fileDescriptor == -1) { @@ -1121,7 +1122,7 @@ int receiveDataFromSctp(struct epoll_event *events, } if (loglevel >= MDCLOG_DEBUG) { - char printBuffer[4096]{}; + char printBuffer[RECEIVE_SCTP_BUFFER_SIZE]{}; char *tmp = printBuffer; for (size_t i = 0; i < (size_t)message.message.asnLength; ++i) { snprintf(tmp, 3, "%02x", message.message.asndata[i]); -- 2.16.6