From a89dcd7942958e0ebe5881dde4820ceb77d29e9b Mon Sep 17 00:00:00 2001 From: cbdev Date: Wed, 23 Jun 2021 22:27:15 +0200 Subject: Fix build with recent environments, fix Coverity CID 371602 and 355842 --- backends/Makefile | 12 +++++++----- backends/mqtt.c | 7 ++++--- backends/rtpmidi.c | 11 ++++++----- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/backends/Makefile b/backends/Makefile index aa9c988..4697a5a 100644 --- a/backends/Makefile +++ b/backends/Makefile @@ -60,7 +60,7 @@ openpixelcontrol.dll: ADDITIONAL_OBJS += $(BACKEND_LIB) openpixelcontrol.dll: LDLIBS += -lws2_32 maweb.so: ADDITIONAL_OBJS += $(BACKEND_LIB) -maweb.so: LDLIBS = -lssl +maweb.so: LDLIBS = $(shell pkg-config --libs openssl || echo "-DBUILD_ERROR=\"Missing pkg-config data for openssl\"") maweb.dll: ADDITIONAL_OBJS += $(BACKEND_LIB) maweb.dll: LDLIBS += -lws2_32 maweb.dll: CFLAGS += -DMAWEB_NO_LIBSSL @@ -88,18 +88,20 @@ lua.so: LDLIBS += $(shell pkg-config --libs lua53 || pkg-config --libs lua5.3 || lua.dll: CFLAGS += $(shell pkg-config --cflags lua53 || pkg-config --cflags lua5.3 || pkg-config --cflags lua || echo "-DBUILD_ERROR=\"Missing pkg-config data for lua53\"") lua.dll: LDLIBS += -L../ -llua53 -python.so: CFLAGS += $(shell pkg-config --cflags python3 || pkg-config --cflags python || echo "-DBUILD_ERROR=\"Missing pkg-config data for python3\"") -python.so: CFLAGS += $(shell pkg-config --libs python3 || pkg-config --libs python || echo "-DBUILD_ERROR=\"Missing pkg-config data for python3\"") +# Python seems to ship their own little python3-config tool instead of properly maintaining their pkg-config files. +# This one also spams a good deal of unwanted flags into CFLAGS, so we use only --includes and --libs +python.so: CFLAGS += $(shell python3-config --includes || pkg-config --cflags python3 || pkg-config --cflags python || echo "-DBUILD_ERROR=\"Missing pkg-config data for python3\"") +python.so: LDLIBS += $(shell python3-config --libs || pkg-config --libs python3 || pkg-config --libs python || echo "-DBUILD_ERROR=\"Missing pkg-config data for python3\"") # Generic rules on how to build .SO/.DLL's from C and CPP sources %.so :: %.c %.h $(BACKEND_LIB) - $(CC) $(CFLAGS) $(LDLIBS) $< $(ADDITIONAL_OBJS) -o $@ $(LDFLAGS) + $(CC) $(CFLAGS) $< $(ADDITIONAL_OBJS) -o $@ $(LDFLAGS) $(LDLIBS) %.dll :: %.c %.h $(BACKEND_LIB) $(CC) $(CFLAGS) $< $(ADDITIONAL_OBJS) -o $@ $(LDFLAGS) $(LDLIBS) %.so :: %.cpp %.h - $(CXX) $(CPPFLAGS) $(LDLIBS) $< $(ADDITIONAL_OBJS) -o $@ $(LDFLAGS) + $(CXX) $(CPPFLAGS) $< $(ADDITIONAL_OBJS) -o $@ $(LDFLAGS) $(LDLIBS) # This is the actual first named target, and thus the default all: $(BACKEND_LIB) $(BACKENDS) diff --git a/backends/mqtt.c b/backends/mqtt.c index f2a7c83..47042f1 100644 --- a/backends/mqtt.c +++ b/backends/mqtt.c @@ -775,14 +775,15 @@ static int mqtt_handle_publish(instance* inst, uint8_t type, uint8_t* variable_h property_offset += mqtt_pop_varint(variable_header + property_offset, length - property_offset, NULL); //parse properties - while(property_offset < payload_offset){ + while(property_offset < payload_offset && property_offset < length){ DBGPF("Property %02X at offset %" PRIsize_t " of %" PRIu32, variable_header[property_offset], property_offset, property_length); + //read payload format indicator - if(variable_header[property_offset] == 0x01){ + if(variable_header[property_offset] == 0x01 && property_offset < length - 1){ content_utf8 = variable_header[property_offset + 1]; } //read topic alias - else if(variable_header[property_offset] == 0x23){ + else if(variable_header[property_offset] == 0x23 && property_offset < length - 2){ topic_alias = (variable_header[property_offset + 1] << 8) | variable_header[property_offset + 2]; } diff --git a/backends/rtpmidi.c b/backends/rtpmidi.c index f0987f2..922075e 100644 --- a/backends/rtpmidi.c +++ b/backends/rtpmidi.c @@ -1329,13 +1329,14 @@ static int rtpmidi_mdns_detach(instance* inst){ } offset += bytes; - //TODO length-checks here - frame[offset++] = strlen(inst->name); - memcpy(frame + offset, inst->name, strlen(inst->name)); - offset += strlen(inst->name); + //calculate maximum permitted instance name length + bytes = min(min(strlen(inst->name), sizeof(frame) - offset - 3), 255); + frame[offset++] = bytes; + memcpy(frame + offset, inst->name, bytes); + offset += bytes; frame[offset++] = 0xC0; frame[offset++] = sizeof(dns_header); - rr->data = htobe16(1 + strlen(inst->name) + 2); + rr->data = htobe16(1 + bytes + 2); free(name.name); return rtpmidi_mdns_broadcast(frame, offset); -- cgit v1.2.3