Current UDP receive reads up to MAX_UDP_LENGTH bytes into the
passed in buffer, which may lead to buffer overflow if the
write buffer is of insufficient size.
Add mandatory length argument to UDP socket receive calls.
Reported-by: Simone Margaritelli <simone@zimperium.com>
Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
Reported security vulnerability where control and data UDP
packets can be injected into the transceiver externally due
to socket binding to all interfaces using INADDR_ANY.
Existing socket interface does not allow specifying local
address; only the local port and remote address/port are
arguments.
Restrict socket bind to localhost with INADDR_LOOPBACK. If
external interfaces do need to be used, the API should be
modified to allow specifying the local socket address.
Reported-by: Simone Margaritelli <simone@zimperium.com>
Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
So added a devassert in these cases so we can catch how this happens if the Log.Level is DEBUG.
I did this to track down a bug, but of course, now the bug no longer occurs.
There is nothing wrong with namespace, and these changes generated 1700 lines of
irrelevant diff output making it difficult to compare various revisions of CommonLibs.
runtime (ie, when logging).
The implementation is cludgy. This is because we create threads before main,
as a result of global thread objects (as opposed to pointers to thread objects
that get new'ed and started in main).
A view of the system through strace indicates one or two calls to gettid() per
thread (usually 1, occasionally 2). Changing the read lock in Log() to a write
lock deadlocks.
pthread_self() just returns a pointer to an opaque data structure used by
pthreads, and the other two give information that is useful to relate to top,
ps, etc.
Accidently changed indent in SelfDetect::Exit(). Sorry Michael.
Found as a result of working through bug 1608.
- small changes to log messages, passing signal information through to the log and also echoing failed starts to to cout
- a HACK was needed to avoid signal 17, Dave can smooth this out in a more intelligent way than my workaround
- ticket #1549
Utils.h still has a using namespace, to prevent non-CommonLibs? code from
breaking. All CommonLibs? code has been compiled with tue Utils.h "using
namespace" commented out, though.
Basically the unpack method and fillField method assume MSB-first bit packing. The unpack method calls fillField for each byte that needs to be unpacked. The problem occurs on its final call to fillField when it has a partial byte to unpack; it uses the LSB bits instead of the MSB bits.
git-svn-id: http://wush.net/svn/range/software/public/CommonLibs/trunk@3288 19bc5d8c-e614-43d4-8b26-e1612bc8e597