Mercurial > louis > mq > lightsd

changeset 475:0ade7fb71c8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Import Xavier's patches
author Louis Opter <kalessin@kalessin.fr>
date Sat, 25 Jun 2016 17:00:58 -0700
parents 59061c76f3b2
children e71203a47b63
files fix_stack_overflow_in_jsmn.patch fix_stack_underflow_in_jsonrpc.patch series use_systemd_user_group_keys.patch
diffstat 4 files changed, 269 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/fix_stack_overflow_in_jsmn.patch	Sat Jun 25 17:00:58 2016 -0700
@@ -0,0 +1,229 @@
+# HG changeset patch
+# User Xavier Deguillard <deguilx@gmail.com>
+# Parent  69e2492f799fef0a248f7e0b2d46e050d1612644
+Fix a stack overflow in JSMN when parsing `null'
+
+Also, start updating that changelog!
+
+diff --git a/core/client.c b/core/client.c
+--- a/core/client.c
++++ b/core/client.c
+@@ -66,8 +66,6 @@
+     }
+ }
+ 
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Wswitch"
+ static void
+ lgtd_client_read_callback(struct bufferevent *bev, void *ctx)
+ {
+@@ -89,7 +87,7 @@
+         jsmn_parser jsmn_ctx;
+     parse_after_realloc:
+         jsmn_init(&jsmn_ctx);
+-        jsmnerr_t rv = jsmn_parse(&jsmn_ctx, buf, nbytes, tokens, ntokens);
++        int rv = jsmn_parse(&jsmn_ctx, buf, nbytes, tokens, ntokens);
+         switch (rv) {
+         case JSMN_ERROR_NOMEM:
+         case JSMN_ERROR_INVAL:
+@@ -138,7 +136,6 @@
+         nbytes = evbuffer_get_contiguous_space(input);
+     } while (nbytes);
+ }
+-#pragma GCC diagnostic pop
+ 
+ static void
+ lgtd_client_event_callback(struct bufferevent *bev, short events, void *ctx)
+diff --git a/core/jsmn.c b/core/jsmn.c
+--- a/core/jsmn.c
++++ b/core/jsmn.c
+@@ -20,8 +20,6 @@
+  * THE SOFTWARE.
+  */
+ 
+-#include <stdlib.h>
+-
+ #include "jsmn.h"
+ 
+ /**
+@@ -56,7 +54,7 @@
+ /**
+  * Fills next available token with JSON primitive.
+  */
+-static jsmnerr_t jsmn_parse_primitive(jsmn_parser *parser, const char *js,
++static int jsmn_parse_primitive(jsmn_parser *parser, const char *js,
+ 		size_t len, jsmntok_t *tokens, size_t num_tokens) {
+ 	jsmntok_t *token;
+ 	int start;
+@@ -103,9 +101,9 @@
+ }
+ 
+ /**
+- * Filsl next token with JSON string.
++ * Fills next token with JSON string.
+  */
+-static jsmnerr_t jsmn_parse_string(jsmn_parser *parser, const char *js,
++static int jsmn_parse_string(jsmn_parser *parser, const char *js,
+ 		size_t len, jsmntok_t *tokens, size_t num_tokens) {
+ 	jsmntok_t *token;
+ 
+@@ -172,12 +170,12 @@
+ /**
+  * Parse JSON string and fill tokens.
+  */
+-jsmnerr_t jsmn_parse(jsmn_parser *parser, const char *js, size_t len,
++int jsmn_parse(jsmn_parser *parser, const char *js, size_t len,
+ 		jsmntok_t *tokens, unsigned int num_tokens) {
+-	jsmnerr_t r;
++	int r;
+ 	int i;
+ 	jsmntok_t *token;
+-	int count = 0;
++	int count = parser->toknext;
+ 
+ 	for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) {
+ 		char c;
+@@ -262,7 +260,7 @@
+ 				parser->toksuper = parser->toknext - 1;
+ 				break;
+ 			case ',':
+-				if (tokens != NULL &&
++				if (tokens != NULL && parser->toksuper != -1 &&
+ 						tokens[parser->toksuper].type != JSMN_ARRAY &&
+ 						tokens[parser->toksuper].type != JSMN_OBJECT) {
+ #ifdef JSMN_PARENT_LINKS
+@@ -285,7 +283,7 @@
+ 			case '5': case '6': case '7' : case '8': case '9':
+ 			case 't': case 'f': case 'n' :
+ 				/* And they must not be keys of the object */
+-				if (tokens != NULL) {
++				if (tokens != NULL && parser->toksuper != -1) {
+ 					jsmntok_t *t = &tokens[parser->toksuper];
+ 					if (t->type == JSMN_OBJECT ||
+ 							(t->type == JSMN_STRING && t->size != 0)) {
+@@ -311,10 +309,12 @@
+ 		}
+ 	}
+ 
+-	for (i = parser->toknext - 1; i >= 0; i--) {
+-		/* Unmatched opened object or array */
+-		if (tokens[i].start != -1 && tokens[i].end == -1) {
+-			return JSMN_ERROR_PART;
++	if (tokens != NULL) {
++		for (i = parser->toknext - 1; i >= 0; i--) {
++			/* Unmatched opened object or array */
++			if (tokens[i].start != -1 && tokens[i].end == -1) {
++				return JSMN_ERROR_PART;
++			}
+ 		}
+ 	}
+ 
+diff --git a/core/jsmn.h b/core/jsmn.h
+--- a/core/jsmn.h
++++ b/core/jsmn.h
+@@ -37,20 +37,21 @@
+  * 	o Other primitive: number, boolean (true/false) or null
+  */
+ typedef enum {
+-	JSMN_PRIMITIVE = 0,
++	JSMN_UNDEFINED = 0,
+ 	JSMN_OBJECT = 1,
+ 	JSMN_ARRAY = 2,
+-	JSMN_STRING = 3
++	JSMN_STRING = 3,
++	JSMN_PRIMITIVE = 4
+ } jsmntype_t;
+ 
+-typedef enum {
++enum jsmnerr {
+ 	/* Not enough tokens were provided */
+ 	JSMN_ERROR_NOMEM = -1,
+ 	/* Invalid character inside JSON string */
+ 	JSMN_ERROR_INVAL = -2,
+ 	/* The string is not a full JSON packet, more bytes expected */
+ 	JSMN_ERROR_PART = -3
+-} jsmnerr_t;
++};
+ 
+ /**
+  * JSON token description.
+@@ -87,7 +88,7 @@
+  * Run JSON parser. It parses a JSON data string into and array of tokens, each describing
+  * a single JSON object.
+  */
+-jsmnerr_t jsmn_parse(jsmn_parser *parser, const char *js, size_t len,
++int jsmn_parse(jsmn_parser *parser, const char *js, size_t len,
+ 		jsmntok_t *tokens, unsigned int num_tokens);
+ 
+ #ifdef __cplusplus
+diff --git a/core/pipe.c b/core/pipe.c
+--- a/core/pipe.c
++++ b/core/pipe.c
+@@ -68,8 +68,6 @@
+ 
+ static void lgtd_command_pipe_reset(struct lgtd_command_pipe *);
+ 
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Wswitch"
+ static void
+ lgtd_command_pipe_read_callback(evutil_socket_t socket, short events, void *ctx)
+ {
+@@ -106,7 +104,7 @@
+             ssize_t bufsz = evbuffer_get_length(pipe->read_buf);
+         parse_after_realloc:
+             jsmn_init(&jsmn_ctx);
+-            jsmnerr_t rv = jsmn_parse(&jsmn_ctx, buf, bufsz, tokens, ntokens);
++            int rv = jsmn_parse(&jsmn_ctx, buf, bufsz, tokens, ntokens);
+             switch (rv) {
+             case JSMN_ERROR_NOMEM:
+             case JSMN_ERROR_INVAL:
+@@ -153,7 +151,6 @@
+ 
+     lgtd_command_pipe_reset(pipe);
+ }
+-#pragma GCC diagnostic pop
+ 
+ static bool
+ _lgtd_command_pipe_open(const char *path)
+diff --git a/docs/changelog.rst b/docs/changelog.rst
+--- a/docs/changelog.rst
++++ b/docs/changelog.rst
+@@ -11,6 +11,38 @@
+   are added in a backwards-compatible manner;
+ - PATCH version gets incremented for backwards-compatible bug fixes.
+ 
++1.2.0 (unreleased)
++------------------
++
++This release doesn't have any new user-facing feature but packs a bunch of fixes
++and improvements, both in the code but also the documentation and examples.
++
++Also worth noting, is the full continuous integration pipeline that has been
++setup behind the scenes. It will hopefully make it a lot easier to work on the
++project.
++
++Fixes
++~~~~~
++
++- A couple of crash/security fixes by , one being in jsmn_
++  (JSON parser) which has been upgraded to its latest version;
++- FreeBSD build (more BSD fixes to come though, see GH-16_);
++- WIP…
++
++.. _jsmn: https://github.com/zserge/jsmn
++.. _GH-16: https://github.com/lopter/lightsd/issues/16
++
++Acknowledgments
++~~~~~~~~~~~~~~~
++
++Thanks to:
++
++- `Xavier Deguillard`_ for his contributions, additional automated tests will be
++  setup to make crashes and security issues much harder to creep in;
++- All the people who have been trying the project and reporting issues!
++
++.. _Xavier Deguillard: https://github.com/Rip-Rip
++
+ 1.1.2 (2015-11-30)
+ ------------------
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/fix_stack_underflow_in_jsonrpc.patch	Sat Jun 25 17:00:58 2016 -0700
@@ -0,0 +1,17 @@
+# HG changeset patch
+# User Xavier Deguillard <deguilx@gmail.com>
+# Parent  a7efed63bc95fd9efac9dbb43cbdf93e1064fe9b
+Fix stack underflow in jsonrpc
+
+diff --git a/core/jsonrpc.c b/core/jsonrpc.c
+--- a/core/jsonrpc.c
++++ b/core/jsonrpc.c
+@@ -400,7 +400,7 @@
+     }
+ 
+     for (int si = 0; si != schema_size; si++) {
+-        if (!schema[si].optional) {
++        if (!schema[si].optional && schema[si].value_offset != -1) {
+             const jsmntok_t *seen = LGTD_JSONRPC_GET_JSMNTOK(
+                 output, schema[si].value_offset
+             );
--- a/series	Sat Jun 25 16:06:14 2016 -0700
+++ b/series	Sat Jun 25 17:00:58 2016 -0700
@@ -2,6 +2,9 @@
 dont_use_time_t.patch
 do_not_warn_on_unknown_packets.patch
 pkgbuild_fix.patch
+fix_stack_underflow_in_jsonrpc.patch
+fix_stack_overflow_in_jsmn.patch
+use_systemd_user_group_keys.patch
 add_power_transition.patch
 open_gateway_on_any_bulb_response.patch #+future
 make_gateway_write_callbacks_low_priority.patch #+future
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/use_systemd_user_group_keys.patch	Sat Jun 25 17:00:58 2016 -0700
@@ -0,0 +1,20 @@
+# HG changeset patch
+# User Xavier Deguillard <deguilx@gmail.com>
+# Parent  bc553481b7df85b46889177adb80d0428b98130c
+Use systemd's User/Group keys
+
+diff --git a/dist/lightsd.service b/dist/lightsd.service
+--- a/dist/lightsd.service
++++ b/dist/lightsd.service
+@@ -3,7 +3,10 @@
+ After=network.target
+ 
+ [Service]
+-ExecStart=/usr/bin/lightsd -t -v warning -u lightsd -s %t/lightsd/socket -c %t/lightsd/pipe
++ExecStart=/usr/bin/lightsd -t -v warning -s %t/lightsd/socket -c %t/lightsd/pipe
++User=lightsd
++Group=lightsd
++RuntimeDirectory=lightsd
+ Restart=on-failure
+ 
+ [Install]