Commit Graph

6848 Commits

Author SHA1 Message Date
Sergey Fionov
5171345eb8 tcp: Fix TCP timestamps for big-endian systems
Current parsing code is building reverse-order integer, and then calls htonl()
to assign right value to "ts_recent" field of pcb.

This works correctly on little-endian machines, where htonl() reverses bytes.
However, on big-endian machines, htonl() is no-op, so bytes stay reversed.

This patch fixes it by building non-reversed integer.
2024-03-13 22:16:35 +02:00
Simon Goldschmidt
d0efd9ef7b tcpip: fix that TCPIP_CORE_LOCK is not released for LWIP_TIMERS==0
See bug #65328

Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
2024-02-19 21:44:18 +01:00
Krzysztof Mazur
e799c266fa makefsdata: extend file type matching with .shtml and .shtm
[Problem]
When using makefsdata perl script to convert shtml files with SSI tags
the shtml files get generated with text/plain content type, making
browsers not render them correctly

[Solution]
Extend the regex to generate text/html content type for any of:
.htm, .html, .shtm, .shtml extensions
2024-02-19 20:58:58 +01:00
Brian
cb511019b0 Update codeql-buildscript.sh
Adding install dependencies step
2024-02-19 20:03:32 +01:00
Brian
9004e7bd77 Add CodeQL Workflow for Code Security Analysis
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>
2024-02-19 20:03:32 +01:00
Brian
17b1f5d382 Add CodeQL Workflow for Code Security Analysis
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>
2024-02-19 20:03:32 +01:00
Brian
10dc9b7eb3 Add CodeQL Workflow for Code Security Analysis
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>
2024-02-19 20:03:32 +01:00
Brian
c3d6fe9d72 Add CodeQL Workflow for Code Security Analysis
Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every push and pull request to the main branch.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for third-party code, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation.

Signed-off-by: Brian <bayuan@purdue.edu>
2024-02-19 20:03:32 +01:00
Kirill Lokotkov
93821fc437 Fixed netdb.c when LWIP_SOCKET_HAVE_SA_LEN == 0
Fields sin6_len and sin_len are always used in the file but not all implementations of sockaddr_in or sockaddr_in6 have this fields (including Linux implementation).
Added #if-check to avoid compilation errors in such cases.
2024-02-19 18:13:28 +01:00
Kirill Lokotkov
7c494b3829 Added "lwip/errno.h" to netdb.c includes
Defines EINVAL and ERANGE are used in the file but not included directly. When I try to use <sys/socket.h> and <arpa/inet.h> as LWIP_SOCKET_EXTERNAL_HEADERS it causes errors with this defines.
2024-02-19 18:13:28 +01:00
Sebastian Michel
e1b8080346 contrib: fixed c++ compatibility of unix port 2024-02-19 18:04:02 +01:00
Simon Goldschmidt
347054b329 Fix C++ compatibility of newly added function lwip_memcmp_consttime() 2024-01-09 21:26:40 +01:00
Simon Goldschmidt
c167a54540 ppp: use constant-time memcmp for checking credentials
See #65119
2024-01-09 21:23:11 +01:00
Simon Goldschmidt
25de99d1c1 Introduce constant-time memcmp and use it for snmpv3_get_engine_boots
See #65118
2024-01-09 21:14:49 +01:00
Simon Goldschmidt
09d929f7ff Fix uninitialized variable warning introduced with last commit
(at least reported by MS-VS C compiler)
2024-01-09 20:51:10 +01:00
Renzo Davoli
83abc8714c avoid callbacks for unsuccessful lwip_accept
See bug #64780
2024-01-09 20:45:05 +01:00
Simon Goldschmidt
09188668c7 update tinydir.h to newest version (1.2.6)
Update to cxong/tinydir version 1.2.6 commit 8124807 ("Fix buffer overflow in tinydir_file_open with long path names")

Although we're not affected of this bug, prevent others copying from our repo being affected...
2024-01-04 22:00:56 +01:00
Simon Goldschmidt
b413b04093 makefsdata: fix buffer corruption with very long paths
See bug #64941
2023-11-29 22:03:46 +01:00
Simon Goldschmidt
ee1523630a httpc with LWIP_HTTPC_HAVE_FILE_IO: fix heap buffer overflow for long local filenames
See bug #64940
2023-11-29 21:35:38 +01:00
Erik Ekman
5e3268cf3e src/core: Fix speling issues
Found by codespell
2023-10-14 18:16:49 +02:00
Erik Ekman
8c1190143c Ignore vim swap files 2023-10-14 18:10:30 +02:00
Erik Ekman
5e45328bb5 src/apps: Fix speling issues
Found by codespell
2023-10-14 18:08:00 +02:00
Erik Ekman
b6b20613ce src/api: Fix speling issues
Found by codespell
2023-10-14 18:04:35 +02:00
Erik Ekman
e7abb85d63 contrib: Fix speling issues
Found by codespell
2023-10-14 18:01:37 +02:00
Erik Ekman
3c06267d8e apps/http_client: Fix speling issues
Found by codespell
2023-10-14 17:51:01 +02:00
Erik Ekman
0ab52ff447 PPP: Fix speling issues
Found by codespell
2023-10-14 17:51:01 +02:00
Erik Ekman
20c9b117e1 test: Fix speling issues
Found by codespell
2023-10-14 17:51:01 +02:00
Erik Ekman
34516d5c2e Update codespell false positives 2023-10-14 17:51:01 +02:00
Florian La Roche
670a2f0827 Fix typos
From patch #10399
2023-10-14 17:34:13 +02:00
Simon Goldschmidt
1eeb70fbfa dhcp: fix memory corruption when LWIP_DHCP_MAX_DNS_SERVERS > DNS_MAX_SERVERS
see patch #10124
2023-10-12 22:08:14 +02:00
Simon Goldschmidt
b9ca1deba8 Fix building with ISO C90
This fixes the changes of commit 574bd6e5aa
2023-10-12 21:41:49 +02:00
Simon Goldschmidt
efe78e7e5b pbuf_cat: add a simple check to ensure we don't cat the same pbuf to itself 2023-10-12 21:34:11 +02:00
Simon Goldschmidt
6864eb1749 unixlib: LWIP_LISTEN_BACKLOG -> TCP_LISTEN_BACKLOG
see patch #10116
2023-10-12 21:10:53 +02:00
David Fries
35cbad52cc Document that sntp_setservername doesn't copy the string
I was expecting the string to be duplicated, doing a Google search
shows others did as well.
2023-10-12 21:04:11 +02:00
duckpowerMB
574bd6e5aa tcp_in : fix ooseq update error
if a pbuf received with the same seqno in ooseq ,
we then check  the size and replace the existing one
with the larger one,but if the existing one is the
last segment in ooseq ,it might has been trimed before.
the replacing action will overrun our receive windows

see patch #10106 and bug #56397
2023-10-12 21:00:21 +02:00
Thomas Kindler
de0b97861a Fix bug #60681: Initialize custom data in pbuf struct
Add a #define that users can use to initialize LWIP_PBUF_CUSTOM_DATA fields.

see patch #10072
idea by Thomas Kindler <mail_lwip@t-kindler.de>
2023-10-12 20:29:16 +02:00
Simon Goldschmidt
f5e7e8e576 pbuf: pbuf_get_contiguous: allow passing NULL for buffer to prevent copying
see bug #62832
2023-10-12 08:26:00 +02:00
Faidon Liambotis
4f88651247 Add MEM_CUSTOM_ALLOCATOR and make LIBC a subset of it
Allow one to provide a custom implementation of free/malloc/calloc
instead of the lwip internal allocator. The code to use the libc's
implementation already existed, so generalize the existing code and make
the libc variant a specialized case of this new capability, retaining
full backwards compatibility.
2023-10-11 21:45:55 +02:00
Simon Goldschmidt
e01c9a9504 dhcp: set LWIP_DHCP_DISCOVER_ADD_HOSTNAME==1 by DEFAULT_ACCEPTMBOX_SIZE
see bug #63457
2023-10-11 21:39:48 +02:00
Simon Goldschmidt
90a440eafd sockets: fix socket leak when using setsockopt/getsockopt hook with LWIP_NETCONN_FULLDUPLEX==1
see bug #63458
2023-10-11 21:23:32 +02:00
Simon Goldschmidt
583f352f60 altcp_mbedtls: don't ignore return value of mbedtls_ssl_flush_output
see bug #64045/task #16283
2023-10-11 21:18:56 +02:00
Simon Goldschmidt
7fd1350802 sockets: fix bug #63898: allow socket option IPV6_CHECKSUM for both IPPROTO_IPV6 and IPPROTO_RAW
See bug #63898
2023-10-10 22:27:03 +02:00
Simon Goldschmidt
c8d9adde0f win32 port: fix linking x64 with pcap 2023-10-10 22:24:29 +02:00
Simon Goldschmidt
e655b41a49 win32 port: allow "edit-and-continue" by disabling /SAFESEH 2023-10-10 21:58:56 +02:00
Simon Goldschmidt
2e650364fa win32 port: fix wrong intermediate directories 2023-10-10 20:43:55 +02:00
Simon Goldschmidt
ab1f582043 httpd: fix bug #64458: When tcp_err() is invoked, tcp_pcb is freed but httpd_post_finished() is not called by httpd.c 2023-10-10 20:40:42 +02:00
Simon Goldschmidt
b5f6720f88 apps/tftp: fix compiling for 64-bit 2023-10-10 20:39:45 +02:00
Simon Goldschmidt
5ec4c1d1f2 ping: fix compiling in dual-stack mode 2023-10-10 20:15:49 +02:00
Simon Goldschmidt
9e2fb2806f unittests: fix compiling in release mode 2023-10-10 20:14:52 +02:00
Simon Goldschmidt
4323e95dce win32 port: add x64 configurations 2023-10-10 20:14:16 +02:00