From 352c5996db1979a055a79bae838966e6cae641a7 Mon Sep 17 00:00:00 2001 From: Steffen Vogel Date: Fri, 30 Jun 2023 13:00:01 +0200 Subject: [PATCH] Fix buffer overflow in UUID handling Signed-off-by: Steffen Vogel --- common | 2 +- include/villas/path.hpp | 6 ++++++ include/villas/super_node.hpp | 4 ++-- lib/api/requests/status.cpp | 11 ++--------- lib/api/requests/universal/info.cpp | 10 ++-------- lib/node.cpp | 10 ++-------- lib/nodes/webrtc.cpp | 7 +++---- lib/nodes/webrtc/peer_connection.cpp | 2 +- lib/path.cpp | 5 +---- lib/super_node.cpp | 15 +++------------ src/villas-relay.cpp | 12 ++---------- 11 files changed, 25 insertions(+), 59 deletions(-) diff --git a/common b/common index d9d4ac76a..120312e93 160000 --- a/common +++ b/common @@ -1 +1 @@ -Subproject commit d9d4ac76a5403e14f7899dae480781e9cdcf0572 +Subproject commit 120312e938dc298b4dc13792e1acf7510190bbf4 diff --git a/include/villas/path.hpp b/include/villas/path.hpp index b2a9e5050..9d67fc5b2 100644 --- a/include/villas/path.hpp +++ b/include/villas/path.hpp @@ -188,6 +188,12 @@ public: return state; } + /** Get the UUID of this path. */ + const uuid_t & getUuid() const + { + return uuid; + } + json_t * toJson() const; }; diff --git a/include/villas/super_node.hpp b/include/villas/super_node.hpp index 085fb00f7..806e1bc81 100644 --- a/include/villas/super_node.hpp +++ b/include/villas/super_node.hpp @@ -146,9 +146,9 @@ public: return state; } - void getUUID(uuid_t out) const + const uuid_t & getUuid() const { - uuid_copy(out, uuid); + return uuid; } struct timespec getStartTime() const diff --git a/lib/api/requests/status.cpp b/lib/api/requests/status.cpp index 55813b941..83925d20a 100644 --- a/lib/api/requests/status.cpp +++ b/lib/api/requests/status.cpp @@ -6,16 +6,14 @@ *********************************************************************************/ #include -#include #include #include +#include #include #include #include -typedef char uuid_string_t[37]; - namespace villas { namespace node { namespace api { @@ -37,15 +35,10 @@ public: auto *sn = session->getSuperNode(); - uuid_t uuid; - uuid_string_t uuid_str; struct utsname uts; struct sysinfo sinfo; char hname[128]; - sn->getUUID(uuid); - uuid_unparse_lower(uuid, uuid_str); - auto now = time_now(); auto started = sn->getStartTime(); @@ -73,7 +66,7 @@ public: "build_id", PROJECT_BUILD_ID, "build_date", PROJECT_BUILD_DATE, "hostname", hname, - "uuid", uuid_str, + "uuid", uuid::toString(sn->getUuid()).c_str(), "time_now", time_to_double(&now), "time_started", time_to_double(&started), "timezone", diff --git a/lib/api/requests/universal/info.cpp b/lib/api/requests/universal/info.cpp index 3f85b5c8c..053207bce 100644 --- a/lib/api/requests/universal/info.cpp +++ b/lib/api/requests/universal/info.cpp @@ -5,8 +5,7 @@ * @license Apache 2.0 *********************************************************************************/ -#include - +#include #include #include #include @@ -28,14 +27,9 @@ public: if (body != nullptr) throw BadRequest("This endpoint does not accept any body data"); - auto uid = node->getUuid(); - - char uid_str[UUID_STR_LEN]; - uuid_unparse(uid, uid_str); - auto *info = json_pack("{ s: s, s: s, s: { s: s, s: s, s: s } }", "id", node->getNameShort().c_str(), - "uuid", uid_str, + "uuid", uuid::toString(node->getUuid()).c_str(), "transport", "type", "villas", diff --git a/lib/node.cpp b/lib/node.cpp index 759cd91cb..54dea752f 100644 --- a/lib/node.cpp +++ b/lib/node.cpp @@ -364,11 +364,8 @@ int Node::write(struct Sample * smps[], unsigned cnt) const std::string & Node::getNameFull() { if (name_full.empty()) { - char uuid_str[37]; - uuid_unparse(uuid, uuid_str); - name_full = fmt::format("{}: uuid={}, #in.signals={}/{}, #in.hooks={}, #out.hooks={}, in.vectorize={}, out.vectorize={}", - getName(), uuid_str, + getName(), uuid::toString(uuid).c_str(), getInputSignals(false)->size(), getInputSignals(true)->size(), in.hooks.size(), out.hooks.size(), @@ -438,9 +435,6 @@ json_t * Node::toJson() const json_t *json_signals_in = nullptr; json_t *json_signals_out = nullptr; - char uuid_str[37]; - uuid_unparse(uuid, uuid_str); - json_signals_in = getInputSignals()->toJson(); auto output_signals = getOutputSignals(); @@ -449,7 +443,7 @@ json_t * Node::toJson() const json_node = json_pack("{ s: s, s: s, s: s, s: i, s: { s: i, s: o? }, s: { s: i, s: o? } }", "name", getNameShort().c_str(), - "uuid", uuid_str, + "uuid", uuid::toString(uuid).c_str(), "state", stateToString(state).c_str(), "affinity", affinity, "in", diff --git a/lib/nodes/webrtc.cpp b/lib/nodes/webrtc.cpp index 49592da85..62d2d7a48 100644 --- a/lib/nodes/webrtc.cpp +++ b/lib/nodes/webrtc.cpp @@ -11,6 +11,7 @@ #include #include +#include #include #include #include @@ -35,9 +36,7 @@ WebRTCNode::WebRTCNode(const uuid_t &id, const std::string &name) : dci.reliability.type = rtc::Reliability::Type::Rexmit; // Initialize signaling peer with node UUID - char uuid_str[36+1]; - uuid_unparse(id, uuid_str); - peer = uuid_str; + peer = uuid::toString(id); } WebRTCNode::~WebRTCNode() @@ -234,7 +233,7 @@ int WebRTCNode::_write(struct Sample *smps[], unsigned cnt) return ret; } -json_t * WebRTCNode::_readStatus() +json_t * WebRTCNode::_readStatus() const { if (!conn) return nullptr; diff --git a/lib/nodes/webrtc/peer_connection.cpp b/lib/nodes/webrtc/peer_connection.cpp index aa98e0d0b..4b66bf6f5 100644 --- a/lib/nodes/webrtc/peer_connection.cpp +++ b/lib/nodes/webrtc/peer_connection.cpp @@ -81,7 +81,7 @@ bool PeerConnection::waitForDataChannel(std::chrono::seconds timeout) return startupCondition.wait_until(lock, deadline, [this](){ return this->stopStartup; }); } -json_t * PeerConnection::readStatus() +json_t * PeerConnection::readStatus() const { auto *json = json_pack("{ s: I, s: I }", "bytes_received", conn->bytesReceived(), diff --git a/lib/path.cpp b/lib/path.cpp index 08042fe00..1c2354de8 100644 --- a/lib/path.cpp +++ b/lib/path.cpp @@ -696,9 +696,6 @@ unsigned Path::getOutputSignalsMaxCount() json_t * Path::toJson() const { - char uuid_str[37]; - uuid_unparse(uuid, uuid_str); - json_t *json_signals = signals->toJson(); #ifdef WITH_HOOKS json_t *json_hooks = hooks.toJson(); @@ -715,7 +712,7 @@ json_t * Path::toJson() const json_array_append_new(json_destinations, json_string(pd->node->getNameShort().c_str())); json_t *json_path = json_pack("{ s: s, s: s, s: s, s: b, s: b s: b, s: b, s: b, s: b s: i, s: o, s: o, s: o, s: o }", - "uuid", uuid_str, + "uuid", uuid::toString(uuid).c_str(), "state", stateToString(state).c_str(), "mode", mode == Mode::ANY ? "any" : "all", "enabled", enabled, diff --git a/lib/super_node.cpp b/lib/super_node.cpp index 9a946ca4b..471e94951 100644 --- a/lib/super_node.cpp +++ b/lib/super_node.cpp @@ -29,8 +29,6 @@ using namespace villas; using namespace villas::node; -typedef char uuid_string_t[37]; - SuperNode::SuperNode() : state(State::INITIALIZED), idleStop(-1), @@ -153,7 +151,7 @@ void SuperNode::parse(json_t *root) } else // Generate UUID from node name and super-node UUID - uuid::generateFromString(node_uuid, node_name, uuid); + uuid::generateFromString(node_uuid, node_name, uuid::toString(uuid)); auto *n = NodeFactory::make(node_type, node_uuid, node_name); if (!n) @@ -162,7 +160,6 @@ void SuperNode::parse(json_t *root) ret = n->parse(json_node); if (ret) { auto config_id = fmt::format("node-config-node-{}", node_type); - throw ConfigError(json_node, config_id, "Failed to parse configuration of node '{}'", node_name); } @@ -514,15 +511,11 @@ graph_t * SuperNode::getGraph() std::map nodeMap; - uuid_string_t uuid_str; - for (auto *n : nodes) { nodeMap[n] = agnode(g, (char *) n->getNameShort().c_str(), 1); - uuid_unparse(n->getUuid(), uuid_str); - set_attr(nodeMap[n], "shape", "ellipse"); - set_attr(nodeMap[n], "tooltip", fmt::format("type={}, uuid={}", n->getFactory()->getName(), uuid_str)); + set_attr(nodeMap[n], "tooltip", fmt::format("type={}, uuid={}", n->getFactory()->getName(), uuid::toString(n->getUuid()).c_str())); // set_attr(nodeMap[n], "fixedsize", "true"); // set_attr(nodeMap[n], "width", "0.15"); // set_attr(nodeMap[n], "height", "0.15"); @@ -534,10 +527,8 @@ graph_t * SuperNode::getGraph() m = agnode(g, (char *) name.c_str(), 1); - uuid_unparse(p->uuid, uuid_str); - set_attr(m, "shape", "box"); - set_attr(m, "tooltip", fmt::format("uuid={}", uuid_str)); + set_attr(m, "tooltip", fmt::format("uuid={}", uuid::toString(p->getUuid()).c_str())); for (auto ps : p->sources) agedge(g, nodeMap[ps->getNode()], m, nullptr, 1); diff --git a/src/villas-relay.cpp b/src/villas-relay.cpp index d4c711528..a4436fe20 100644 --- a/src/villas-relay.cpp +++ b/src/villas-relay.cpp @@ -26,8 +26,6 @@ #include "villas-relay.hpp" -typedef char uuid_string_t[37]; - using namespace villas; using namespace villas::node; @@ -100,12 +98,9 @@ json_t * RelaySession::toJson() const json_array_append(json_connections, conn->toJson()); } - uuid_string_t uuid_str; - uuid_unparse_lower(uuid, uuid_str); - return json_pack("{ s: s, s: s, s: o, s: I, s: i }", "identifier", identifier.c_str(), - "uuid", uuid_str, + "uuid", uuid::toString(uuid).c_str(), "connections", json_connections, "created", created, "connects", connects @@ -296,14 +291,11 @@ int Relay::httpProtocolCallback(lws *wsi, enum lws_callback_reasons reason, void json_array_append(json_sessions, session->toJson()); } - uuid_string_t uuid_str; - uuid_unparse(r->uuid, uuid_str); - json_body = json_pack("{ s: o, s: s, s: s, s: s, s: { s: b, s: i, s: s } }", "sessions", json_sessions, "version", PROJECT_VERSION_STR, "hostname", r->hostname.c_str(), - "uuid", uuid_str, + "uuid", uuid::toString(r->uuid).c_str(), "options", "loopback", r->loopback, "port", r->port,