From d92e1a056c1b2994dad35ccd24a85ceb0a2c1092 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 25 Dec 2023 22:19:03 +0100 Subject: [PATCH 1/2] Do not check errors on ROLLBACK TRANSACTION when gravityDB_delFromTable() fails. We remove this to avoid overwriting the initial cause of the error. Signed-off-by: DL6ER --- src/database/gravity-db.c | 84 ++++++++++----------------------------- 1 file changed, 21 insertions(+), 63 deletions(-) diff --git a/src/database/gravity-db.c b/src/database/gravity-db.c index 10a0d934a..92c320b9c 100644 --- a/src/database/gravity-db.c +++ b/src/database/gravity-db.c @@ -1840,15 +1840,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* *message = sqlite3_errmsg(gravity_db); log_err("gravityDB_delFromTable(%d) - SQL error prepare(\"%s\"): %s", listtype, querystr, *message); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -1860,15 +1856,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* listtype, querystr, *message); sqlite3_reset(stmt); sqlite3_finalize(stmt); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -1888,15 +1880,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* *message = sqlite3_errmsg(gravity_db); log_err("gravityDB_delFromTable(%d) - SQL error prepare(\"%s\"): %s", listtype, querystr, *message); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -1914,15 +1902,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* type->valueint, rc, *message); sqlite3_reset(stmt); sqlite3_finalize(stmt); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - type->valueint, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -1936,15 +1920,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* listtype, rc, *message); sqlite3_reset(stmt); sqlite3_finalize(stmt); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -1956,15 +1936,11 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* listtype, querystr, *message); sqlite3_reset(stmt); sqlite3_finalize(stmt); + // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); + return false; } @@ -2024,13 +2000,7 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec: %s", - listtype, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); break; } @@ -2048,13 +2018,7 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); } // Commit transaction @@ -2069,13 +2033,7 @@ bool gravityDB_delFromTable(const enum gravity_list_type listtype, const cJSON* // Rollback transaction querystr = "ROLLBACK TRANSACTION;"; - rc = sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); - if(rc != SQLITE_OK) - { - *message = sqlite3_errmsg(gravity_db); - log_err("gravityDB_delFromTable(%d): SQL error exec(\"%s\"): %s", - listtype, querystr, *message); - } + sqlite3_exec(gravity_db, querystr, NULL, NULL, NULL); } return okay; From 5f0e405d82f90c4c53bfe9dd558e858c52061327 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 26 Dec 2023 09:36:06 +0100 Subject: [PATCH 2/2] Update bundled cJSON from 1.7.15 -> 1.7.17 released yesterday Signed-off-by: DL6ER --- src/webserver/cJSON/cJSON.c | 43 ++++++++++++++++++++++++++----------- src/webserver/cJSON/cJSON.h | 11 ++++++++-- 2 files changed, 40 insertions(+), 14 deletions(-) diff --git a/src/webserver/cJSON/cJSON.c b/src/webserver/cJSON/cJSON.c index ebd486688..4e4979e99 100644 --- a/src/webserver/cJSON/cJSON.c +++ b/src/webserver/cJSON/cJSON.c @@ -96,9 +96,9 @@ CJSON_PUBLIC(const char *) cJSON_GetErrorPtr(void) return (const char*) (global_error.json + global_error.position); } -CJSON_PUBLIC(char *) cJSON_GetStringValue(const cJSON * const item) +CJSON_PUBLIC(char *) cJSON_GetStringValue(const cJSON * const item) { - if (!cJSON_IsString(item)) + if (!cJSON_IsString(item)) { return NULL; } @@ -106,9 +106,9 @@ CJSON_PUBLIC(char *) cJSON_GetStringValue(const cJSON * const item) return item->valuestring; } -CJSON_PUBLIC(double) cJSON_GetNumberValue(const cJSON * const item) +CJSON_PUBLIC(double) cJSON_GetNumberValue(const cJSON * const item) { - if (!cJSON_IsNumber(item)) + if (!cJSON_IsNumber(item)) { return (double) NAN; } @@ -117,7 +117,7 @@ CJSON_PUBLIC(double) cJSON_GetNumberValue(const cJSON * const item) } /* This is a safeguard to prevent copy-pasters from using incompatible C and header files */ -#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) || (CJSON_VERSION_PATCH != 15) +#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) || (CJSON_VERSION_PATCH != 17) #error cJSON.h and cJSON.c have different versions. Make sure that both have the same. #endif @@ -401,7 +401,12 @@ CJSON_PUBLIC(char*) cJSON_SetValuestring(cJSON *object, const char *valuestring) { char *copy = NULL; /* if object's type is not cJSON_String or is cJSON_IsReference, it should not set valuestring */ - if (!(object->type & cJSON_String) || (object->type & cJSON_IsReference)) + if ((object == NULL) || !(object->type & cJSON_String) || (object->type & cJSON_IsReference)) + { + return NULL; + } + /* return NULL if the object is corrupted */ + if (object->valuestring == NULL) { return NULL; } @@ -511,7 +516,7 @@ static unsigned char* ensure(printbuffer * const p, size_t needed) return NULL; } - + memcpy(newbuffer, p->buffer, p->offset + 1); p->hooks.deallocate(p->buffer); } @@ -562,6 +567,10 @@ static cJSON_bool print_number(const cJSON * const item, printbuffer * const out { length = sprintf((char*)number_buffer, "null"); } + else if(d == (double)item->valueint) + { + length = sprintf((char*)number_buffer, "%d", item->valueint); + } else { /* Try 15 decimal places of precision to avoid nonsignificant nonzero digits */ @@ -1103,7 +1112,7 @@ CJSON_PUBLIC(cJSON *) cJSON_ParseWithLengthOpts(const char *value, size_t buffer } buffer.content = (const unsigned char*)value; - buffer.length = buffer_length; + buffer.length = buffer_length; buffer.offset = 0; buffer.hooks = global_hooks; @@ -2260,7 +2269,7 @@ CJSON_PUBLIC(cJSON_bool) cJSON_InsertItemInArray(cJSON *array, int which, cJSON { cJSON *after_inserted = NULL; - if (which < 0) + if (which < 0 || newitem == NULL) { return false; } @@ -2271,6 +2280,11 @@ CJSON_PUBLIC(cJSON_bool) cJSON_InsertItemInArray(cJSON *array, int which, cJSON return add_item_to_array(array, newitem); } + if (after_inserted != array->child && after_inserted->prev == NULL) { + /* return false if after_inserted is a corrupted array item */ + return false; + } + newitem->next = after_inserted; newitem->prev = after_inserted->prev; after_inserted->prev = newitem; @@ -2287,7 +2301,7 @@ CJSON_PUBLIC(cJSON_bool) cJSON_InsertItemInArray(cJSON *array, int which, cJSON CJSON_PUBLIC(cJSON_bool) cJSON_ReplaceItemViaPointer(cJSON * const parent, cJSON * const item, cJSON * replacement) { - if ((parent == NULL) || (replacement == NULL) || (item == NULL)) + if ((parent == NULL) || (parent->child == NULL) || (replacement == NULL) || (item == NULL)) { return false; } @@ -2357,6 +2371,11 @@ static cJSON_bool replace_item_in_object(cJSON *object, const char *string, cJSO cJSON_free(replacement->string); } replacement->string = (char*)cJSON_strdup((const unsigned char*)string, &global_hooks); + if (replacement->string == NULL) + { + return false; + } + replacement->type &= ~cJSON_StringIsConst; return cJSON_ReplaceItemViaPointer(object, get_object_item(object, string, case_sensitive), replacement); @@ -2689,7 +2708,7 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateStringArray(const char *const *strings, int co if (a && a->child) { a->child->prev = n; } - + return a; } @@ -3107,4 +3126,4 @@ CJSON_PUBLIC(void *) cJSON_malloc(size_t size) CJSON_PUBLIC(void) cJSON_free(void *object) { global_hooks.deallocate(object); -} \ No newline at end of file +} diff --git a/src/webserver/cJSON/cJSON.h b/src/webserver/cJSON/cJSON.h index 8ff711b8d..218cc9ea6 100644 --- a/src/webserver/cJSON/cJSON.h +++ b/src/webserver/cJSON/cJSON.h @@ -81,7 +81,7 @@ then using the CJSON_API_VISIBILITY flag to "export" the same symbols the way CJ /* project version */ #define CJSON_VERSION_MAJOR 1 #define CJSON_VERSION_MINOR 7 -#define CJSON_VERSION_PATCH 15 +#define CJSON_VERSION_PATCH 17 #include @@ -279,6 +279,13 @@ CJSON_PUBLIC(double) cJSON_SetNumberHelper(cJSON *object, double number); /* Change the valuestring of a cJSON_String object, only takes effect when type of object is cJSON_String */ CJSON_PUBLIC(char*) cJSON_SetValuestring(cJSON *object, const char *valuestring); +/* If the object is not a boolean type this does nothing and returns cJSON_Invalid else it returns the new type*/ +#define cJSON_SetBoolValue(object, boolValue) ( \ + (object != NULL && ((object)->type & (cJSON_False|cJSON_True))) ? \ + (object)->type=((object)->type &(~(cJSON_False|cJSON_True)))|((boolValue)?cJSON_True:cJSON_False) : \ + cJSON_Invalid\ +) + /* Macro for iterating over an array or object */ #define cJSON_ArrayForEach(element, array) for(element = (array != NULL) ? (array)->child : NULL; element != NULL; element = element->next) @@ -290,4 +297,4 @@ CJSON_PUBLIC(void) cJSON_free(void *object); } #endif -#endif \ No newline at end of file +#endif