Check ks buffer pointer overflow before dereferencing it. #203
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
andywolk
approved these changes
Mar 13, 2024
tajamulTelnyx
pushed a commit
to team-telnyx/libks
that referenced
this pull request
Feb 12, 2025
* Remove memory pools from ks_json (signalwire#49) * Removed memory pools from ks_json * Renamed cJSON to kJSON to protect against library mismatches * Reworked ks_json interface so it is safer to use * Set library version to 2.0.0 * Fix ks_json when ks_pool debugging is enabled * Add optional array JSON check * Remove assert that is always true * Fix unused variable warning * Quiet handle logs * Added check to skip an invalid 0 sequence on new handles, which sporadically can happen when wrapping over (particularly with random sequence starting point for each handle group) * Removed errors back to warnings for handle validation * Added a kws_create to use before calling kws_connect or kws_init, if allocated when passed to kws_connect or kws_init then it will use the existing kws object, this allows to assign callbacks or other values before calling connect * Added init callback to allow modifying SSL extensions and options before calling connect in KWS * Remove ks_handle and ks_throughput * Remove extra state from ks_thread. It is now just a platform-independent wrapper to the OS thread libs * Destroy detached thread on exit * Detached thread must own its own memory pool (signalwire#76) Detached thread must own its own memory pool * Version bump Windows package to v2.0 * change error name to indicate its due to a remote close request * fix testwebsock2 test on platforms without bswap64 * disable cotire due to pch failures on some platforms * add ssl pending check to kws_wait_sock * add new KS_POLL_ types * Fix changelog when packaging for Debian. * rearange kws socket shutdown sequence so we more gracefully shut down ssl sockets. * add http functions (signalwire#70) * add http functions * disable nagle and add keepalive to ws * Fix .drone.yml * Enable v2.0 branch on Drone * unused var * null_logger should be file static * [Testing] Move Drone artifacts to signalwire.cloud * Json logging option (signalwire#87) * Changes to support jsonified log output to console * Clear OpenSSL error queue with ERR_clear_error() prior to executing SSL_* functions that check it. * Do not detach worker threads in ks_thread_pool * fix buffer overflow * Extend error handling in ks_poll on Windows. Avoid setting POLLERR and POLLHUP as they are meaningless in the events field. Setting POLLHUP on Windows results as an error 10022 (Invalid argument). * Fix CRYPTO_MEM_CHECK_ON undefined CRYPTO_MEM_CHECK_ON still exists in OpenSSL 3.x, but is now inside ifndef OPENSSL_NO_CRYPTO_MDEBUG So it exists only in debug builds. Probably the right fix is to just add ifdef CRYPTO_MEM_CHECK_ON around code that tries to use it. mumble-voip/mumble#4266 * Fix some errors (reported by LGTM) (signalwire#73) * Fix format strings and missing arguments for formatting function (LGTM) This fixes two classes of errors which were reported by LGTM: Too few arguments to formatting function Wrong type of arguments to formatting function Signed-off-by: Stefan Weil <[email protected]> * Add missing return statement to function This fixes an error reported by LGTM: Missing return statement Signed-off-by: Stefan Weil <[email protected]> * Cflags should point to include folder, not to include/libks Since all headers include as "libks/ks.h", cflags should point to just <prefix>/include, not to the <prefix>/include/libks. In current mode with libks in cflags in pkg-config files must be referenced simply as "ks.h". * Revert "Cflags should point to include folder, not to include/libks" This reverts commit cffc838. * Fix use after free of headers_k and headers_v of kws_request_t * Return fail instead of assert on ssl errors. * Enable scan build 7 on Drone CI * scan build: Uninitialized argument value in ks_addr_get_port() * scan build: Branch condition evaluates to a garbage value in ks_check_network_list_ip_cidr() * Fix thread return data * Don't fail if thread already exited * Queue peek (signalwire#99) * Added trypeek to ks_q * Ignore this, slapping drone * Added test, however other test in testq doesn't seem to work, something is wrong with thread creation or joining, needs further investigation but the new test works Drone is also not currently running the libks tests, this should probably be fixed * Fix tests * Undo readme change used to kick drone previously * Garbage collect dead threads in a thread pool. * Remove spinlocks from memory pools * Fix kws_request_reset() leaving garbage pointers in the headers. * Update Drone CI signature. * Enable unit tests on Drone CI * Remove build dependency to libconfig * read more to handle fragmented tcp writes (signalwire#108) Co-authored-by: Mike Jerris <[email protected]> Co-authored-by: Chris Rienzo <[email protected]> * fix some build warnings on mac * Fix setting thread priority * Thread creates with default schedule when there is a problem with setting new scheduling policy * Fix race around thread_create/thread_launch/thread_destroy * Fix overflow when kws_raw_read() fills buffer. Add kws_string_read() which will always NULL terminate data read from websocket. * Fix kws_raw_read_blocking() zero reads bug for iOS 15. * kws support add custom headers * Add KS_PRI_DEFAULT to initialize ks_thread with OS default priority. Remove dead code. Lower thread priority error to warning since failure to set priority may be common in unprivileged processes. * Update Drone CI signature (signalwire#127) * Update Drone CI signature * Work around udp ipv6 bind failure in CI. Co-authored-by: Chris Rienzo <[email protected]> * add support for enclosing report (signalwire#130) * add support for enclosing report * Add payload_size_max param to kws * Fix wrong buffer resize math in kws_read_frame() (signalwire#140) * Make nominal CLOSE opcode for kws less chatty with DEBUG level output instead of ERROR (which can trigger sentry) * Forcing new build * Fix rounding errors * comment * CMakeList.txt: correct location of «copyright» file Otherwise out-of-source builds do not work * Copyright 2018-2023 * Update Windows packaging to match latest master changes * Rename package to libks2 but keep library name as libks. * Replace __PRETTY_FUNCTION__ with __KS_FUNC__ * ported scan_build * run_tests * run test on ubuntu-latest instead of 16 core runner * forgot to call run_tests.sh * delete uneeded script and fix typo * run_tests.sh * make test fail to see if the logs are in the correct path * cat artifacts.html * read artifact.html * upload artifacts.html and notify on failure * make testtime.c passes and fix the artifact path * try removing cd * Rename both package and library name to libks2. * Fix MacOS build in 2.0 * add support for SNI Server-Name Indication (SNI) allows the remote server to select a certificate based on the server name. * format * Bump version to 1.8.4 * add TCP_KEEPINTVL and TCP_KEEPIDLE. set both to 30 seconds. (signalwire#160) * Fix TCP_KEEPIDLE and TCP_KEEPINTVL which does not exist on MAC * Update GHA workflow trigger branch from v2.0 to master * Bump version to 2.0.1 * Disable use of TCP_KEEPIDLE and TCP_KEEPINTVL socket options. Introduce undefined KS_KEEP_IDLE_INTVL. * Bump version to 2.0.2 * build image and push on merge (signalwire#167) * [CI] build libks image when pushed to master * updated to use pr-mpt/actions-commit-hash@v2 * added mkissing new line in Dockerfile --------- Co-authored-by: Aye Min Aung <[email protected]> * Revert "build image and push on merge (signalwire#167)" (signalwire#170) This reverts commit 8ea893b. * maybe fix, at least doesn't crash * send WSOC_CLOSE when closing websocket connection (per protocol). * set mask and use the masking key for the WSOC_CLOSE Reason (per protocol). (signalwire#173) * set mask and use the masking key for the WSOC_CLOSE Reason (per protocol). * only mask from client to server (per protocol). * Make SSL shutdown procedure strict to openssl documentation. * Bump version to 2.0.3 * fix playload unmask overflow * Revert "maybe fix, at least doesn't crash" * Fix build of unit-tests on Windows. * WebSockets: move assert out of the loop in kws_read_frame() * GHA: Add build and publish DEBs workflow. * GHA: Use branch name in metarepo branch naming. * GHA: Set source branch name variable. * GHA: Trigger build workflow in `release` branch also. * GHA: Add DEB armhf support. * [GHA] Add support for building RPMs using GHA. * GHA: Fix invalid LIB_NAME value name. * Bump version to 2.0.4 * [cmake] Don't use CPACK_DEBIAN_PACKAGE_RELEASE, set CPACK_DEBIAN_PACKAGE_VERSION directly. * Check ks buffer pointer overflow before dereferencing it. (signalwire#203) * [GHA] Use `cicd-docker-build-and-distribute.yml`. * [GHA] Use `meta-repo-content` workflow. * [GHA] Shorten artifact path store location. * [GHA] Add `arm64v8` build target. * Bump version to 2.0.5 * Delete drone config (signalwire#212) * Fix return from kws_raw_write on fragmented frame sending (signalwire#214) * kws_raw_write should return the total number of bytes sent, not just the last fragment sent * Adjustment to make sure returns of -1 are captured as well, and fix missing spot in SSL block * Added zero to be inclusive as successful write when using raw sockets, but according to SSL lib 0 is an error so the behavior is slightly different using SSL versus not on the writing returns * Adjust the kws_write_frame so that when it sees a return <=0 it returns the error instead of the total written bytes * [GHA] Remove unsupported build targets. * Bump version to 2.0.6 * TEL-6178: Remove ARM platforms. --------- Signed-off-by: Stefan Weil <[email protected]> Co-authored-by: Chris Rienzo <[email protected]> Co-authored-by: Shane Bryldt <[email protected]> Co-authored-by: Andrey Volk <[email protected]> Co-authored-by: Mike Jerris <[email protected]> Co-authored-by: Seven Du <[email protected]> Co-authored-by: Anthony Minessale <[email protected]> Co-authored-by: Michael Jerris <[email protected]> Co-authored-by: Shane Bryldt <[email protected]> Co-authored-by: Piotr Gregor <[email protected]> Co-authored-by: Stefan Weil <[email protected]> Co-authored-by: Nickolay V. Shmyrev <[email protected]> Co-authored-by: Seven Du <[email protected]> Co-authored-by: Jakub Karolczyk <[email protected]> Co-authored-by: Pavel V. Sysolyatin <[email protected]> Co-authored-by: wkiswk <[email protected]> Co-authored-by: Stéphane Alnet <[email protected]> Co-authored-by: Stéphane Alnet <[email protected]> Co-authored-by: Дилян Палаузов <[email protected]> Co-authored-by: Aye Min Aung <[email protected]> Co-authored-by: Aye Min Aung <[email protected]> Co-authored-by: Dragos Oancea <[email protected]> Co-authored-by: Chris Clement <[email protected]> Co-authored-by: Ryan Williams <[email protected]> Co-authored-by: chucongqing <[email protected]> Co-authored-by: s3rj1k <[email protected]> Co-authored-by: Ryan Williams <[email protected]> Co-authored-by: damir nedžibović <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.