527 Commits

Author SHA1 Message Date
Thijs Schreijer
31acda9688 reverted the uuid functions export, too complicated to export them properly in the upnp.so file. 2013-04-27 09:30:29 +02:00
Thijs Schreijer
c45b279d6f additional header to be installed for *nix to export the uuid functions 2013-04-26 18:43:06 +02:00
Thijs Schreijer
0a5bf524cb added uuid.h to installed header files list, and added SCRIPTSUPPORT to the autoconf configure.ac file 2013-04-26 13:37:08 +02:00
Marcelo Roberto Jimenez
2bb79879b7 Security fix for CERT issue VU#922681
This patch addresses three possible buffer overflows in function
unique_service_name(). The three issues have the folowing CVE
numbers:

CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf
CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN
CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN

Notice that the following issues have already been dealt by previous
work:

CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN
CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType
CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN
CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType
CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType
(cherry picked from commit f015a132e82239cbf40dcb2346d7bee83685531b)
2012-12-06 15:46:09 -02:00
Thijs Schreijer
3f37b55ebc exported the UUID function to enable reuse in client applications 2012-10-21 21:26:11 +02:00
Thijs Schreijer
2a0d73aeac Merge branch 'master' of git://github.com/mrjimenez/pupnp 2012-10-14 08:33:19 +02:00
Thijs Schreijer
d00e494481 Updated parameter to UpnpAcceptSubscriptionExt to a 'const' declaration, this aligns with UpnpAcceptSubscription 2012-07-11 23:18:23 +02:00
Marcelo Roberto Jimenez
9f17244f95 Remove an unused variable
(cherry picked from commit 40e90e89fc406f0ed665d3753b5fb3b7071787d3)
2012-06-20 22:06:38 -03:00
Marcelo Roberto Jimenez
40d5a1dea3 Remove an unused variable ifndef INET_IPV6
(cherry picked from commit 40ddff10964905b3d63b9e1d7ed6d045c2db6dab)
2012-06-20 22:06:38 -03:00
Marcelo Roberto Jimenez
fa9aef8eb6 Remove a pointless way to test a return value
(cherry picked from commit 692813d03e0d89b239639499c5b700ddf6d9458d)
2012-06-20 22:06:38 -03:00
Yoichi NAKAYAMA
f67de332a1 Fix memory leak and access violation in UpnpSendAction(Ex)Async.
Free buffers after malloc or ixmlPrintNode failure.
Free Param->Header before destructing Param.
(cherry picked from commit d9e90499b7ead7e9fae30b9c248b343ec6d9b273)
2012-06-20 21:10:23 -03:00
Anoop Mohan
4d88a2a4ea Fixes a bug in non blocking connect call
This patch fixes a bug in non blocking connect call where the sock
option length for SO_ERROR was passed as 0 instead of sizeof(int).
(cherry picked from commit 6db2271ac36adb6f5bc210240ed41ec8aad2c57f)
2012-05-25 13:40:32 -03:00
Yoichi NAKAYAMA
dc29948893 Disable SetGenaCallback call if device is disabled.
If device is disabled, SetGenaCallback definition is disabled,
but its call remains. A link error will occur in Win32.
(cherry picked from commit 4d21d45da730550707db5cdd2bca399f6217237f)
2012-04-24 14:25:27 -03:00
Yoichi NAKAYAMA
c27a089d6f Fix problems detected as dead assignment warning by clang scan-build.
Wrong assignment by shutdown result hides the real error code
of NewRequestHandler() in ssdp_device.c.
Fix return code description of NewRequestHandler().
Handle return code from ithread_create in sample applications.
Remove unused assignments.

(forward ported from commit 39dfad2cba5f577a24659deb8afc81d9016b2080)
2012-04-24 14:21:47 -03:00
Marcelo Roberto Jimenez
b1646eb0a3 Add errno.h inclusion in unixutil.h only in WIN32
(cherry picked from commit c661180d150231591fa39e7cff85d19155cdd327)
2012-04-11 17:46:34 -03:00
Thijs Schreijer
615f5d18ac Fixed redefinition warnings for EAFNOSUPPORT and EADDRINUSE, Google turned up that they are newly defined in VS2010
unixutil.h, line 41
upnputil.h, line 125

Had a look here; http://bugs.ruby-lang.org/issues/3092 and added the mentioned fixes as found here; http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/include/ruby/win32.h?r1=27222&r2=27236&pathrev=27258&diff_format=h and here http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/include/ruby/win32.h?r1=27236&r2=27258&pathrev=27258&diff_format=h
(cherry picked from commit 89fe655aee4e424946e87235e2e0f4045378cba1)
2012-04-11 17:46:34 -03:00
Yoichi NAKAYAMA
4e25119237 Avoid access violation after parser_parse_chunky_headers call.
In parser_parse_chunky_headers, parser->msg.msg.buf can be changed
by membuffer_delete call. Therefore if we save the pointer to
parser->msg.entity.buf before calling membuffer_delete, it will
induce access to released memory.
(cherry picked from commit d72bb5cff51bfc261de7725536cef53fd1f0b356)
2012-04-11 14:40:57 -03:00
Gustavo Zacarias
88b94b5116 ssdp_device: exclude IPv6 stuff when there's no IPv6
Add an additional INET_IPV6 exclusion around IPV6_MULTICAST_HOPS since
the definition isn't guaranteed to exist when the toolchain lacks IPv6
support.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
(cherry picked from commit 1c21e6e54f035576afeb84bd90bdf5f754041105)
2012-04-11 11:57:19 -03:00
Yoichi NAKAYAMA
77559473c1 Remove possibility of access violation.
1. Test Instr before dereference it in http_RecvPostMessage.
(Though it never becomes NULL because NULL is not passed to
the static method)
2. Avoid strdup(NULL) in ixmlElement_setAttributeNS.
Those are detected by llvm scan-build.
(cherry picked from commit a383cbb8e20545222880f064a5b27c15abbf9280)
2012-04-10 11:01:04 -03:00
Yoichi NAKAYAMA
79d4b583fe SF Bug Tracker id 3507819 - Use of thread-unsafe gmtime() in httpreadwrite.c
Define http_gmtime_r and web_server_asctime_r and use it.
Those prefix are added since pthread for Win32 already
has macro gmtime_r and asctime_r.

(forward port of commit 34a77cc095a6be89a7cb2d71202364c3cc7e8d26)
2012-04-10 11:00:09 -03:00
Yoichi NAKAYAMA
85fd18ad64 Fix type of local variable stopSock in RunMiniServer()
The variable is declared as SOCKET, but it is used to
store return value of int receive_from_stopSock(...).
The type was changed in the commit
4b47e6a51d9c7049a862695b68de75699e023551 by mistake.
(cherry picked from commit e10bc2ec0ce5d84ef1adf1c90ae80810aab48afe)
2012-04-10 10:38:14 -03:00
Fabrice Fontaine
320e33ac5a Compilation optimisation
Do not compile the code related to the webserver in http_SendMessage
when --disable-webserver is set
(cherry picked from commit 777c936f4cf022dd025f14bebc98a994a1498536)
2012-04-03 13:46:09 -03:00
Fabrice Fontaine
b58ee1930c Add --enable-unspecified_server
Add --enable-unspecified_server configure option to set to "Unspecified"
the OS name, OS version, product name and product version normally
contained in the SERVER header as this could be used by an attacker.

(forward port of commit 49af91fe4892e30316cceb12eb50c3f2cafb73b4)
2012-03-30 17:32:31 -03:00
Fabrice Fontaine
57af94b287 Removing implicit casts in miniserver.c
Removing implicit integer or enum casts in miniserver.c.
(cherry picked from commit df27ba505f992f89adc3f285379e07740cf5bc1c)
2012-03-30 17:24:07 -03:00
Fabrice Fontaine
0f4458c999 SF Bug Tracker id 3512833 - Miniserver is wrongly disabled
Submitted: Fabrice Fontaine ( ffontaine ) - 2012-03-29 07:36:34 PDT

Miniserver is disabled if ECXLUDE_GENA, EXCLUDE_SOAP and
EXCLUDE_WEBSERVER are set.
However, SSDP needs the Miniserver to answer to M-SEARCH requests.
So, MiniServer should not be disabled if EXCLUDE_SSDP is not also set.
(cherry picked from commit 9a33782ab54a456611c40251d366b3b58a70f6b5)
2012-03-30 17:24:07 -03:00
Yoichi NAKAYAMA
f9ae88182e SF Bug Tracker id 3510693 - build fail with --disable-device
Use INCLUDE_DEVICE_APIS instead of UPNP_HAVE_DEVICE as in other sources.
Don't use soap_device_callback if INCLUDE_DEVICE_APIS is not set,
otherwise link error occur on Windows.
(cherry picked from commit e0e81e6cd2b90b5eda1f806540ceb17595ae149e)
2012-03-26 13:51:25 -03:00
Fabrice Fontaine
cc99e6e865 SF Bug Tracker id 3511149 - --disable-ssdp has no effect
Submitted: Yoichi NAKAYAMA ( yoichi ) - 2012-03-25 18:14:34 PDT

There are typos in upnp/src/inc/config.h "EXCLUDE_SSSDP" (shold be
EXCLUDE_SSDP), therefore EXCLUDE_SSDP is always 0, and --disable-ssdp
has no effect.
(cherry picked from commit 02afbb09c9dc0bde876f99a3a96f50ed655fd940)
2012-03-26 11:32:10 -03:00
Fabrice Fontaine
f99dba3967 Remove implicit casts
Cast parameters of htonl in uint32_t in IN6_IS_ADDR_GLOBAL and
IN6_IS_ADDR_ULA definitions.
Remove comparison with 0 in while statement of vfmatch,
http_SendMessage and http_MakeMessage.
(cherry picked from commit 804088d85902305e949d9f7002d06b1b97a360da)
2012-03-26 11:32:10 -03:00
Yoichi NAKAYAMA
664176c8d6 SF Bug Tracker id 3510693 - build fail with --disable-device
GetDeviceHandleInfo just fail without using undefined member DeviceAf
if UPNP_HAVE_DEVICE is not defined.
Move ContentTypeHeader definition to soap_common.c, since it is
also used in soap_ctrlpt.c.
(cherry picked from commit 679ebeec48d6fd64409bccea1cea466eee8dd237)
2012-03-26 11:32:09 -03:00
Fabrice Fontaine
ad617d7c9c SF Bug Tracker id 3510595 - UpnpDownloadXmlDoc : can't get the file
Submitted: Marco Virgulti ( mvirg83 ) - 2012-03-23 10:08:08 PDT

There is a problem, perhaps, during downloading a document by
UpnpDownloadXmlDoc. During debugging i've found that in an not exported
api (unfortunately i forgot the code line...) where it is setted a
local variable "int timeout" to -1 then passed directly to another
function for sending data through tcp socket. I patched this setting it
to 0 (there is an IF section that exits if timeout < 0). It is normal
behavior or it is a bug?
2012-03-24 22:08:11 +01:00
Fabrice Fontaine
1aecc6c44f Add infoSize parameter to get_sdk_info
Add infoSize parameter to get_sdk_info function to replace sprintf call
by a snprintf call.
(cherry picked from commit e13ffe3bf84f7238b57bde73a4780cbf70bcc511)
2012-03-19 11:48:03 -03:00
Marcelo Roberto Jimenez
f87db576ba Don't use // as comments, it breaks some C compilers
Also, really remove the dead code.

(forward port of commit e0444b26e63eabebe293d42dbf941c0a6833d54d)
2012-03-16 12:03:33 -03:00
Fabrice Fontaine
06f87abc2c Add more explicit casts and remove dead code
Comment unused SERVER from DeviceShutdown.
Comment unused max from parse_hostport.
Comment unused nodeptr from ixmlNode_cloneDoc.
Comment unused newNode from Parser_hasDefaultNamespace.
Comment unused Parser_parseReference function
Check return code of shutdown and display an error if needed.

(forward port of commit cb07623ddece5c5cd1f2867336d92aee938a1334)
2012-03-16 12:00:21 -03:00
Fabrice Fontaine
21c881cbf9 Fix previous commit
Replace HAVE_UPNP_OPTSSDP by UPNP_HAVE_OPTSSDP in upnpapi.c.
(cherry picked from commit a3d038c885b24cffe18a601dea71ceb2e03263ab)
2012-03-15 11:49:01 -03:00
Fabrice Fontaine
b53d552d3f Add --disable-optssdp option
Modify configure.ac to add --disable-optssdp option. This option will
remove OPT, 01-NLS and X_USER_AGENT headers from SSDP messages as those
headers are optional. If --disable-gena and disable-optssdp are both
used, uuid part will not be compiled anymore.
(cherry picked from commit 731512b0e54742b3ab0babafdd58ef28ee9968a4)
2012-03-15 11:49:00 -03:00
Marcelo Roberto Jimenez
5969530dcf Fix for compiler warning messages
src/genlib/net/http/httpreadwrite.c: In function ‘http_Download’:
src/genlib/net/http/httpreadwrite.c:790:5: warning: format ‘%d’ expects
type ‘int’, but argument 6 has type ‘size_t’
src/genlib/net/http/httpreadwrite.c:790:5: warning: format ‘%d’ expects
type ‘int’, but argument 7 has type ‘size_t’
2012-03-15 11:48:03 -03:00
Fabrice Fontaine
b9944242cf Improve upnp/genlib/net
Change ret_code from int to parse_status_t in match.
Set back return code of ReadResponseLineAndHeaders from parse_status_t
to int as this function can return UPNP_E_BAD_HTTPMSG. As a result, do
not cast the result of this function into parse_status_t in
http_OpenHttpGetProxy and http_OpenHttpGetEx.
Use switch with PARSE_OK in parsetools.c.
Add missing explicit casts of integer constants in uri.c and
httpreadwrite.c.
Use switch, int and sa_family_t with AF_INET in uri.c.
Print an error in http_Download if realloc failed.

(forward port of commit b116d10f3700ed462af117055ddcbe65e1729a0a)
2012-03-15 11:32:02 -03:00
Fabrice Fontaine
9a1ca957a7 Use switch instead of if with enums in upnpapi.c
Replace if statements with switch when using HND_DEVICE and HND_CLIENT
enum constants.
Correct also UpnpUnRegisterRootDeviceLowPower and UpnpUnRegisterClient
as those functions were wrongly awaiting an UPNP_E_INVALID_HANDLE
instead of HND_INVALID from GetHandleInfo.
(cherry picked from commit 1a083479a91576effcdd00209725ac68266cbf68)
2012-03-14 20:27:49 -03:00
Fabrice Fontaine
975c5257a3 Improve ssdp part
Do not compile CreateClientRequestPacketUlaGua if IPv6 is disable.
Cast DestAddr->sa_family from sa_family_t into int when calling
CreateServicePacket as this function has been set back to accept int in
a692e591defe6ed9a617b9b4a083964a01f7bbab.
Use switch instead of if with AF_INET and AF_INET6.
Add missing casts from AF_INET and AF_INET6 into sa_family_t when using
them to set sin_family and sin6_family.
Add missing explicit casts into size_t or lu when using integer
constants with strlen or unsigned long indexes.
Set SSDP_PAUSE to be unsigned as it is used with usleep.
(cherry picked from commit 850e6b4849ed594b3b3122e3e300a19b61b444eb)
2012-03-14 20:27:49 -03:00
Fabrice Fontaine
6bd5086a88 Fix missing break in http_RecvMessage
There was a missing break in PARSE_INCOMPLETE_ENTITY due to commit
2eb3e069badd5c8676738c3ead37f9551fd8448e.
(cherry picked from commit 05fb3f80262faef3de496b9f1629274dc883eab5)
2012-03-14 20:27:49 -03:00
Yoichi NAKAYAMA
cca16cbead Fix parse failure observed with tvdevice sample.
Commit c40d2bc0c9b60c43b641ac4669c7b8bbcd6134c5 has a problem
at removing the parentheses in parser_parse_responseline.
Difference of pointers was used with intention, don't cast
them separately.
(cherry picked from commit 7178f300bb308e9eb504248ccf42b024bc394cb5)
2012-03-14 20:27:49 -03:00
Yoichi NAKAYAMA
168444761d Fix compile error on Windows.
Include UpnpStdInt.h for ssize_t.
Define sa_family_t in UpnpInet.h.
(cherry picked from commit f7a801c3aec5a60d6422e2689b7189e7e94d560b)
2012-03-14 20:27:48 -03:00
Yoichi NAKAYAMA
0aa8228dac Avoid ambiguous change of SsdpEvent in unique_service_name.
Handle overflow before changing SsdpEvent.
Because the behavior of "snprintf" is platform dependent in such case.
(cherry picked from commit f299d6597a817895f626420f2940aab0388d72eb)
2012-03-14 11:20:13 -03:00
Yoichi NAKAYAMA
4b8982970e SF Bug Tracker id 3502958 - The commit 5944960e prevents a pupnp client (amule) from receiving replies from an IGD device.
Previous change broke the feature. The error of unique_service_name
in ssdp_request_type should be ignored.
This reverts commit 5944960e172a797a9fcc196291f4046cafa7f6ec.
(cherry picked from commit 35819a7a4400f9fc714c1d16b1ee705c4d4df6ed)
2012-03-14 11:20:13 -03:00
Marcelo Roberto Jimenez
ecaf15417a Fix for compiler warning
src/genlib/net/http/httpreadwrite.c: In function
‘http_OpenHttpConnection’:
src/genlib/net/http/httpreadwrite.c:1072:69: warning: unused parameter
‘timeout’
2012-03-13 15:20:28 -03:00
Marcelo Roberto Jimenez
4cd4b1789f Fix for compiler warning
src/genlib/net/sock.c: In function ‘sock_read_write’:
src/genlib/net/sock.c:172:4: warning: conversion to ‘long int’ from
‘size_t’ may change the sign of the result

(forward port of commit f1c4ffefdaed7b45912357943000a2e4838305df)
2012-03-13 15:00:57 -03:00
Marcelo Roberto Jimenez
461a478c25 Address family is an int
Reference: "man 2 socket".
(cherry picked from commit a692e591defe6ed9a617b9b4a083964a01f7bbab)
2012-03-13 14:33:20 -03:00
Fabrice Fontaine
46da1738b9 Remove more implicit casts in upnp part
Remove more "implicit integer or enum conversions" errors as well as
dead code.

(forward port of commit c40d2bc0c9b60c43b641ac4669c7b8bbcd6134c5)
2012-03-11 21:38:56 -03:00
Yoichi NAKAYAMA
12b88a9fbf Suppress compiler warning in CreateClientRequestPacketUlaGua.
It is a static function and is called with AF_INET6,
so there is no real problem.
(cherry picked from commit 8e39b2af85512bd56a5d593fbd83f8ab227c0097)
2012-03-11 20:59:29 -03:00
Fabrice Fontaine
d56a68d771 Remove more implicit casts in upnp part
Remove more "implicit integer or enum conversions" as well as memset
before snprintf.

(forward port of commit 2eb3e069badd5c8676738c3ead37f9551fd8448e)
2012-03-11 20:58:28 -03:00