lua: workaround false positive dereference of null pointer

[project/ubus.git] / libubus-io.c

diff --git a/libubus-io.c b/libubus-io.c
index e6d42367b4a4ce41ca78a79cdf443ceab64c489c..81c1cd1309b11d8fe905a550c3f37fcbc45667dd 100644 (file)
--- a/libubus-io.c
+++ b/libubus-io.c
@@ -60,8 +60,8 @@ static void wait_data(int fd, bool write)
 static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
 {
        static struct {
-               struct cmsghdr h;
                int fd;
+               struct cmsghdr h;
        } fd_buf = {
                .h = {
                        .cmsg_len = sizeof(fd_buf),
@@ -78,7 +78,7 @@ static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
        int len = 0;
 
        do {
-               int cur_len;
+               ssize_t cur_len;
 
                if (sock_fd < 0) {
                        msghdr.msg_control = NULL;
@@ -105,7 +105,7 @@ static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
                        sock_fd = -1;
 
                len += cur_len;
-               while (cur_len >= iov->iov_len) {
+               while (cur_len >= (ssize_t) iov->iov_len) {
                        cur_len -= iov->iov_len;
                        iov_len--;
                        iov++;
@@ -133,8 +133,8 @@ int __hidden ubus_send_msg(struct ubus_context *ctx, uint32_t seq,
 
        hdr.version = 0;
        hdr.type = cmd;
-       hdr.seq = seq;
-       hdr.peer = peer;
+       hdr.seq = cpu_to_be16(seq);
+       hdr.peer = cpu_to_be32(peer);
 
        if (!msg) {
                blob_buf_init(&b, 0);
@@ -154,12 +154,13 @@ int __hidden ubus_send_msg(struct ubus_context *ctx, uint32_t seq,
        return ret;
 }
 
-static int recv_retry(int fd, struct iovec *iov, bool wait, int *recv_fd)
+static int recv_retry(struct ubus_context *ctx, struct iovec *iov, bool wait, int *recv_fd)
 {
        int bytes, total = 0;
+       int fd = ctx->sock.fd;
        static struct {
-               struct cmsghdr h;
                int fd;
+               struct cmsghdr h;
        } fd_buf = {
                .h = {
                        .cmsg_type = SCM_RIGHTS,
@@ -173,9 +174,6 @@ static int recv_retry(int fd, struct iovec *iov, bool wait, int *recv_fd)
        };
 
        while (iov->iov_len > 0) {
-               if (wait)
-                       wait_data(fd, false);
-
                if (recv_fd) {
                        msghdr.msg_control = &fd_buf;
                        msghdr.msg_controllen = sizeof(fd_buf);
@@ -191,8 +189,6 @@ static int recv_retry(int fd, struct iovec *iov, bool wait, int *recv_fd)
 
                if (bytes < 0) {
                        bytes = 0;
-                       if (uloop_cancelled)
-                               return 0;
                        if (errno == EINTR)
                                continue;
 
@@ -211,12 +207,15 @@ static int recv_retry(int fd, struct iovec *iov, bool wait, int *recv_fd)
                iov->iov_len -= bytes;
                iov->iov_base += bytes;
                total += bytes;
+
+               if (iov->iov_len > 0)
+                       wait_data(fd, false);
        }
 
        return total;
 }
 
-static bool ubus_validate_hdr(struct ubus_msghdr *hdr)
+bool ubus_validate_hdr(struct ubus_msghdr *hdr)
 {
        struct blob_attr *data = (struct blob_attr *) (hdr + 1);
 
@@ -259,6 +258,7 @@ static bool alloc_msg_buf(struct ubus_context *ctx, int len)
                return false;
 
        ctx->msgbuf.data = ptr;
+       ctx->msgbuf_data_len = len;
        return true;
 }
 
@@ -273,7 +273,7 @@ static bool get_next_msg(struct ubus_context *ctx, int *recv_fd)
        int r;
 
        /* receive header + start attribute */
-       r = recv_retry(ctx->sock.fd, &iov, false, recv_fd);
+       r = recv_retry(ctx, &iov, false, recv_fd);
        if (r <= 0) {
                if (r < 0)
                        ctx->sock.eof = true;
@@ -281,6 +281,9 @@ static bool get_next_msg(struct ubus_context *ctx, int *recv_fd)
                return false;
        }
 
+       hdrbuf.hdr.seq = be16_to_cpu(hdrbuf.hdr.seq);
+       hdrbuf.hdr.peer = be32_to_cpu(hdrbuf.hdr.peer);
+
        if (!ubus_validate_hdr(&hdrbuf.hdr))
                return false;
 
@@ -293,7 +296,8 @@ static bool get_next_msg(struct ubus_context *ctx, int *recv_fd)
 
        iov.iov_base = (char *)ctx->msgbuf.data + sizeof(hdrbuf.data);
        iov.iov_len = blob_len(ctx->msgbuf.data);
-       if (iov.iov_len > 0 && !recv_retry(ctx->sock.fd, &iov, true, NULL))
+       if (iov.iov_len > 0 &&
+           recv_retry(ctx, &iov, true, NULL) <= 0)
                return false;
 
        return true;
@@ -306,7 +310,7 @@ void __hidden ubus_handle_data(struct uloop_fd *u, unsigned int events)
 
        while (get_next_msg(ctx, &recv_fd)) {
                ubus_process_msg(ctx, &ctx->msgbuf, recv_fd);
-               if (uloop_cancelled)
+               if (uloop_cancelling() || ctx->cancel_poll)
                        break;
        }
 
@@ -321,6 +325,7 @@ void __hidden ubus_poll_data(struct ubus_context *ctx, int timeout)
                .events = POLLIN | POLLERR,
        };
 
+       ctx->cancel_poll = false;
        poll(&pfd, 1, timeout ? timeout : -1);
        ubus_handle_data(&ctx->sock, ULOOP_READ);
 }
@@ -367,6 +372,8 @@ int ubus_reconnect(struct ubus_context *ctx, const char *path)
                close(ctx->sock.fd);
        }
 
+       ctx->sock.eof = false;
+       ctx->sock.error = false;
        ctx->sock.fd = usock(USOCK_UNIX, path, NULL);
        if (ctx->sock.fd < 0)
                return UBUS_STATUS_CONNECTION_FAILED;
@@ -385,7 +392,7 @@ int ubus_reconnect(struct ubus_context *ctx, const char *path)
                goto out_close;
 
        memcpy(buf, &hdr.data, sizeof(hdr.data));
-       if (read(ctx->sock.fd, blob_data(buf), blob_len(buf)) != blob_len(buf))
+       if (read(ctx->sock.fd, blob_data(buf), blob_len(buf)) != (ssize_t) blob_len(buf))
                goto out_free;
 
        ctx->local_id = hdr.hdr.peer;