From 5b3c324097fa3e122edb774213aeafd6eba137f9 Mon Sep 17 00:00:00 2001 From: Michal Vasko Date: Mon, 8 Apr 2019 13:45:21 +0200 Subject: [PATCH] lyb parser BUGFIX correct byte order for all numbers Fixes #747 --- src/parser_lyb.c | 50 ++++++++++++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 19 deletions(-) diff --git a/src/parser_lyb.c b/src/parser_lyb.c index 628fba91..8baeabbf 100644 --- a/src/parser_lyb.c +++ b/src/parser_lyb.c @@ -120,7 +120,7 @@ lyb_read(const char *data, uint8_t *buf, size_t count, struct lyb_state *lybs) } static int -lyb_read_number(uint64_t *num, size_t bytes, const char *data, struct lyb_state *lybs) +lyb_read_number(uint64_t *num, size_t num_size, size_t bytes, const char *data, struct lyb_state *lybs) { int r, ret = 0; size_t i; @@ -133,15 +133,32 @@ lyb_read_number(uint64_t *num, size_t bytes, const char *data, struct lyb_state *(((uint8_t *)num) + i) = byte; } + /* correct byte order */ + switch (num_size) { + case 1: + /* no need to do anything */ + break; + case 2: + *num = le16toh(*num); + break; + case 4: + *num = le32toh(*num); + break; + case 8: + *num = le64toh(*num); + break; + default: + LOGINT(lybs->ctx); + return -1; + } + return ret; } static int lyb_read_enum(uint64_t *enum_idx, uint32_t count, const char *data, struct lyb_state *lybs) { - int ret = 0; size_t bytes; - uint64_t tmp_enum = 0; if (count < (1 << 8)) { bytes = 1; @@ -153,11 +170,9 @@ lyb_read_enum(uint64_t *enum_idx, uint32_t count, const char *data, struct lyb_s bytes = 4; } - /* The enum is always read into a uint64_t buffer */ - ret = lyb_read_number(&tmp_enum, bytes, data, lybs); - *enum_idx = le64toh(tmp_enum); - - return ret; + /* enum is always read into a uint64_t buffer */ + *enum_idx = 0; + return lyb_read_number(enum_idx, sizeof *enum_idx, bytes, data, lybs); } static int @@ -167,7 +182,7 @@ lyb_read_string(const char *data, char **str, int with_length, struct lyb_state size_t len = 0, cur_len; if (with_length) { - ret += (r = lyb_read_number((uint64_t *)&len, 2, data, lybs)); + ret += (r = lyb_read_number((uint64_t *)&len, sizeof len, 2, data, lybs)); LYB_HAVE_READ_GOTO(r, data, error); } else { /* read until the end of this subtree */ @@ -455,23 +470,20 @@ lyb_parse_val_1(struct lys_type *type, LY_DATA_TYPE value_type, uint8_t value_fl break; case LY_TYPE_INT8: case LY_TYPE_UINT8: - ret = lyb_read_number((uint64_t *)&value->uint8, 1, data, lybs); + ret = lyb_read_number((uint64_t *)&value->uint8, sizeof value->uint8, 1, data, lybs); break; case LY_TYPE_INT16: case LY_TYPE_UINT16: - ret = lyb_read_number((uint64_t *)&value->uint16, 2, data, lybs); - value->uint16 = le16toh(value->uint16); + ret = lyb_read_number((uint64_t *)&value->uint16, sizeof value->uint16, 2, data, lybs); break; case LY_TYPE_INT32: case LY_TYPE_UINT32: - ret = lyb_read_number((uint64_t *)&value->uint32, 4, data, lybs); - value->uint32 = le32toh(value->uint32); + ret = lyb_read_number((uint64_t *)&value->uint32, sizeof value->uint32, 4, data, lybs); break; case LY_TYPE_DEC64: case LY_TYPE_INT64: case LY_TYPE_UINT64: - ret = lyb_read_number((uint64_t *)&value->uint64, 8, data, lybs); - value->uint64 = le64toh(value->uint64); + ret = lyb_read_number((uint64_t *)&value->uint64, sizeof value->uint64, 8, data, lybs); break; default: return -1; @@ -1152,7 +1164,7 @@ lyb_parse_data_models(const char *data, struct lyb_state *lybs) int i, r, ret = 0; /* read model count */ - ret += (r = lyb_read_number((uint64_t *)&lybs->mod_count, 2, data, lybs)); + ret += (r = lyb_read_number((uint64_t *)&lybs->mod_count, sizeof lybs->mod_count, 2, data, lybs)); LYB_HAVE_READ_RETURN(r, data, -1); lybs->models = malloc(lybs->mod_count * sizeof *lybs->models); @@ -1337,14 +1349,14 @@ lyd_lyb_data_length(const char *data) LYB_HAVE_READ_GOTO(r, data, finish); /* read model count */ - ret += (r = lyb_read_number((uint64_t *)&lybs.mod_count, 2, data, &lybs)); + ret += (r = lyb_read_number((uint64_t *)&lybs.mod_count, sizeof lybs.mod_count, 2, data, &lybs)); LYB_HAVE_READ_GOTO(r, data, finish); /* read all models */ for (i = 0; i < lybs.mod_count; ++i) { /* module name length */ len = 0; - ret += (r = lyb_read_number((uint64_t *)&len, 2, data, &lybs)); + ret += (r = lyb_read_number((uint64_t *)&len, sizeof len, 2, data, &lybs)); LYB_HAVE_READ_GOTO(r, data, finish); /* model name */