Overflow detection, span-based signatures, flatten control flow
This commit is contained in:
Ian Gulliver
@@ -4,7 +4,7 @@
|
|||||||
#include <span>
|
#include <span>
|
||||||
#include "wire.h"
|
#include "wire.h"
|
||||||
|
|
||||||
using handler_fn = size_t (*)(uint32_t message_id, std::span<const uint8_t> payload, span_writer &out);
|
using handler_fn = msgpack::result<size_t> (*)(uint32_t message_id, std::span<const uint8_t> payload, span_writer &out);
|
||||||
|
|
||||||
struct handler_entry {
|
struct handler_entry {
|
||||||
int8_t type_id;
|
int8_t type_id;
|
||||||
@@ -12,7 +12,7 @@ struct handler_entry {
|
|||||||
};
|
};
|
||||||
|
|
||||||
template <typename Req, auto Fn>
|
template <typename Req, auto Fn>
|
||||||
size_t typed_handler(uint32_t message_id, std::span<const uint8_t> payload, span_writer &out) {
|
msgpack::result<size_t> typed_handler(uint32_t message_id, std::span<const uint8_t> payload, span_writer &out) {
|
||||||
msgpack::parser p(payload.data(), static_cast<int>(payload.size()));
|
msgpack::parser p(payload.data(), static_cast<int>(payload.size()));
|
||||||
Req req;
|
Req req;
|
||||||
auto tup = req.as_tuple();
|
auto tup = req.as_tuple();
|
||||||
|
|||||||
@@ -4,13 +4,14 @@
|
|||||||
#include <functional>
|
#include <functional>
|
||||||
#include <span>
|
#include <span>
|
||||||
#include "span_writer.h"
|
#include "span_writer.h"
|
||||||
|
#include "msgpack.h"
|
||||||
|
|
||||||
struct net_state {
|
struct net_state {
|
||||||
std::array<uint8_t, 6> mac;
|
std::array<uint8_t, 6> mac;
|
||||||
std::array<uint8_t, 4> ip;
|
std::array<uint8_t, 4> ip;
|
||||||
};
|
};
|
||||||
|
|
||||||
using net_handler = std::function<size_t(std::span<const uint8_t> payload, span_writer &out)>;
|
using net_handler = std::function<msgpack::result<size_t>(std::span<const uint8_t> payload, span_writer &out)>;
|
||||||
|
|
||||||
bool net_init();
|
bool net_init();
|
||||||
const net_state& net_get_state();
|
const net_state& net_get_state();
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ class span_writer {
|
|||||||
uint8_t *m_data;
|
uint8_t *m_data;
|
||||||
size_t m_capacity;
|
size_t m_capacity;
|
||||||
size_t m_size = 0;
|
size_t m_size = 0;
|
||||||
|
bool m_overflow = false;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
span_writer(uint8_t *data, size_t capacity) : m_data(data), m_capacity(capacity) {}
|
span_writer(uint8_t *data, size_t capacity) : m_data(data), m_capacity(capacity) {}
|
||||||
@@ -15,17 +16,21 @@ public:
|
|||||||
|
|
||||||
void push_back(uint8_t v) {
|
void push_back(uint8_t v) {
|
||||||
if (m_size < m_capacity) m_data[m_size++] = v;
|
if (m_size < m_capacity) m_data[m_size++] = v;
|
||||||
|
else m_overflow = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
template <class It>
|
template <class It>
|
||||||
void insert(uint8_t *, It first, It last) {
|
void insert(uint8_t *, It first, It last) {
|
||||||
while (first != last && m_size < m_capacity)
|
while (first != last) {
|
||||||
m_data[m_size++] = *first++;
|
if (m_size < m_capacity) m_data[m_size++] = *first++;
|
||||||
|
else { m_overflow = true; return; }
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t size() const { return m_size; }
|
size_t size() const { return m_size; }
|
||||||
size_t capacity() const { return m_capacity; }
|
size_t capacity() const { return m_capacity; }
|
||||||
bool full() const { return m_size >= m_capacity; }
|
bool full() const { return m_size >= m_capacity; }
|
||||||
|
bool overflow() const { return m_overflow; }
|
||||||
|
|
||||||
uint8_t *data() { return m_data; }
|
uint8_t *data() { return m_data; }
|
||||||
const uint8_t *data() const { return m_data; }
|
const uint8_t *data() const { return m_data; }
|
||||||
|
|||||||
@@ -109,7 +109,7 @@ static constexpr size_t envelope_hdr_len =
|
|||||||
static constexpr size_t response_prefix_len = envelope_hdr_len + ext16_header_len;
|
static constexpr size_t response_prefix_len = envelope_hdr_len + ext16_header_len;
|
||||||
|
|
||||||
template <typename T>
|
template <typename T>
|
||||||
inline size_t encode_response_into(span_writer &out, uint32_t message_id, const T &msg) {
|
inline msgpack::result<size_t> encode_response_into(span_writer &out, uint32_t message_id, const T &msg) {
|
||||||
auto body = out.subspan(response_prefix_len);
|
auto body = out.subspan(response_prefix_len);
|
||||||
msgpack::packer body_p(body);
|
msgpack::packer body_p(body);
|
||||||
body_p.pack(msg.as_tuple());
|
body_p.pack(msg.as_tuple());
|
||||||
@@ -129,6 +129,8 @@ inline size_t encode_response_into(span_writer &out, uint32_t message_id, const
|
|||||||
hdr.pack_uint32_fixed(checksum);
|
hdr.pack_uint32_fixed(checksum);
|
||||||
hdr.pack_bin16_header(static_cast<uint16_t>(bin_len));
|
hdr.pack_bin16_header(static_cast<uint16_t>(bin_len));
|
||||||
|
|
||||||
|
if (body.overflow() || inner_ext.overflow() || env_hdr.overflow())
|
||||||
|
return std::unexpected(msgpack::error_code::overflow);
|
||||||
return response_prefix_len + body.size();
|
return response_prefix_len + body.size();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -176,6 +178,3 @@ inline msgpack::result<T> decode_response(const uint8_t *data, size_t len) {
|
|||||||
return out;
|
return out;
|
||||||
}
|
}
|
||||||
|
|
||||||
inline size_t encode_request_into(span_writer &out, uint32_t message_id, const auto &msg) {
|
|
||||||
return encode_response_into(out, message_id, msg);
|
|
||||||
}
|
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ void dispatch_schedule_ms(uint32_t ms, std::function<void()> fn) {
|
|||||||
static static_vector<uint8_t, 256> usb_rx_buf;
|
static static_vector<uint8_t, 256> usb_rx_buf;
|
||||||
static std::array<uint8_t, 1514> tx_buf;
|
static std::array<uint8_t, 1514> tx_buf;
|
||||||
|
|
||||||
net_set_handler([&](std::span<const uint8_t> payload, span_writer &out) -> size_t {
|
net_set_handler([&](std::span<const uint8_t> payload, span_writer &out) -> msgpack::result<size_t> {
|
||||||
auto msg = try_decode(payload.data(), payload.size());
|
auto msg = try_decode(payload.data(), payload.size());
|
||||||
if (!msg) return 0;
|
if (!msg) return 0;
|
||||||
auto it = handler_map.find(msg->type_id);
|
auto it = handler_map.find(msg->type_id);
|
||||||
@@ -62,20 +62,19 @@ void dispatch_schedule_ms(uint32_t ms, std::function<void()> fn) {
|
|||||||
usb_rx_buf.clear();
|
usb_rx_buf.clear();
|
||||||
|
|
||||||
auto it = handler_map.find(msg->type_id);
|
auto it = handler_map.find(msg->type_id);
|
||||||
if (it != handler_map.end()) {
|
if (it == handler_map.end()) continue;
|
||||||
span_writer out(tx_buf);
|
span_writer out(tx_buf);
|
||||||
size_t resp_len = it->second(msg->message_id, msg->payload, out);
|
auto resp = it->second(msg->message_id, msg->payload, out);
|
||||||
if (resp_len > 0) {
|
if (!resp || *resp == 0) continue;
|
||||||
if (resp_len > usb.tx.free()) {
|
size_t resp_len = *resp;
|
||||||
span_writer err_out(tx_buf);
|
if (resp_len <= usb.tx.free()) {
|
||||||
size_t err_len = encode_response_into(err_out, msg->message_id,
|
usb.send(std::span<const uint8_t>{tx_buf.data(), resp_len});
|
||||||
DeviceError{2, "response too large: " + std::to_string(resp_len)});
|
continue;
|
||||||
usb.send(std::span<const uint8_t>{tx_buf.data(), err_len});
|
|
||||||
} else {
|
|
||||||
usb.send(std::span<const uint8_t>{tx_buf.data(), resp_len});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
span_writer err_out(tx_buf);
|
||||||
|
auto err = encode_response_into(err_out, msg->message_id,
|
||||||
|
DeviceError{2, "response too large: " + std::to_string(resp_len)});
|
||||||
|
if (err) usb.send(std::span<const uint8_t>{tx_buf.data(), *err});
|
||||||
}
|
}
|
||||||
|
|
||||||
__wfi();
|
__wfi();
|
||||||
|
|||||||
@@ -106,23 +106,25 @@ static bool ip_match_or_broadcast(const ip4_addr& dst) {
|
|||||||
return ip_match(dst) || dst == IP_BROADCAST_ALL || dst == IP_BROADCAST_SUBNET;
|
return ip_match(dst) || dst == IP_BROADCAST_ALL || dst == IP_BROADCAST_SUBNET;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void send_raw(const void* data, size_t len) {
|
static void send_raw(std::span<const uint8_t> data) {
|
||||||
dlog_if_slow("send_raw", 1000, [&]{
|
dlog_if_slow("send_raw", 1000, [&]{
|
||||||
w6300::send(raw_socket, std::span<const uint8_t>{static_cast<const uint8_t*>(data), len});
|
w6300::send(raw_socket, data);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
static void handle_arp(const uint8_t* frame, size_t len) {
|
static void handle_arp(std::span<const uint8_t> frame, span_writer &tx) {
|
||||||
if (len < sizeof(arp_packet)) return;
|
if (frame.size() < sizeof(arp_packet)) return;
|
||||||
auto& pkt = *reinterpret_cast<const arp_packet*>(frame);
|
auto& pkt = *reinterpret_cast<const arp_packet*>(frame.data());
|
||||||
|
|
||||||
if (pkt.htype != ARP_HTYPE_ETH) return;
|
if (pkt.htype != ARP_HTYPE_ETH) return;
|
||||||
if (pkt.ptype != ARP_PTYPE_IPV4) return;
|
if (pkt.ptype != ARP_PTYPE_IPV4) return;
|
||||||
if (pkt.hlen != 6 || pkt.plen != 4) return;
|
if (pkt.hlen != 6 || pkt.plen != 4) return;
|
||||||
if (pkt.oper != ARP_OP_REQUEST) return;
|
if (pkt.oper != ARP_OP_REQUEST) return;
|
||||||
if (!ip_match(pkt.tpa)) return;
|
if (!ip_match(pkt.tpa)) return;
|
||||||
|
if (sizeof(arp_packet) > tx.capacity()) return;
|
||||||
|
|
||||||
arp_packet reply = {};
|
auto& reply = *reinterpret_cast<arp_packet*>(tx.data());
|
||||||
|
reply = {};
|
||||||
reply.eth.dst = pkt.eth.src;
|
reply.eth.dst = pkt.eth.src;
|
||||||
reply.eth.src = state.mac;
|
reply.eth.src = state.mac;
|
||||||
reply.eth.ethertype = ETH_ARP;
|
reply.eth.ethertype = ETH_ARP;
|
||||||
@@ -136,12 +138,12 @@ static void handle_arp(const uint8_t* frame, size_t len) {
|
|||||||
reply.tha = pkt.sha;
|
reply.tha = pkt.sha;
|
||||||
reply.tpa = pkt.spa;
|
reply.tpa = pkt.spa;
|
||||||
|
|
||||||
send_raw(&reply, sizeof(reply));
|
send_raw({tx.data(), sizeof(arp_packet)});
|
||||||
}
|
}
|
||||||
|
|
||||||
static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
|
static void handle_udp(std::span<const uint8_t> frame, span_writer &tx) {
|
||||||
if (len < sizeof(udp_header)) return;
|
if (frame.size() < sizeof(udp_header)) return;
|
||||||
auto& pkt = *reinterpret_cast<const udp_header*>(frame);
|
auto& pkt = *reinterpret_cast<const udp_header*>(frame.data());
|
||||||
|
|
||||||
if (pkt.dst_port != PICOMAP_PORT) return;
|
if (pkt.dst_port != PICOMAP_PORT) return;
|
||||||
if (!ip_match_or_broadcast(pkt.ip.dst)) return;
|
if (!ip_match_or_broadcast(pkt.ip.dst)) return;
|
||||||
@@ -151,12 +153,12 @@ static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
|
|||||||
if (udp_len < 8) return;
|
if (udp_len < 8) return;
|
||||||
if (sizeof(eth_header) + pkt.ip.ip_total_len() < sizeof(udp_header) + udp_len - 8) return;
|
if (sizeof(eth_header) + pkt.ip.ip_total_len() < sizeof(udp_header) + udp_len - 8) return;
|
||||||
|
|
||||||
auto* payload = frame + sizeof(udp_header);
|
|
||||||
size_t payload_len = udp_len - 8;
|
size_t payload_len = udp_len - 8;
|
||||||
|
|
||||||
auto resp = tx.subspan(sizeof(udp_header));
|
auto resp = tx.subspan(sizeof(udp_header));
|
||||||
size_t resp_len = msg_handler(std::span<const uint8_t>{payload, payload_len}, resp);
|
auto result = msg_handler(frame.subspan(sizeof(udp_header), payload_len), resp);
|
||||||
if (resp_len == 0) return;
|
if (!result || *result == 0) return;
|
||||||
|
size_t resp_len = *result;
|
||||||
|
|
||||||
size_t ip_total = 20 + 8 + resp_len;
|
size_t ip_total = 20 + 8 + resp_len;
|
||||||
size_t reply_len = sizeof(eth_header) + ip_total;
|
size_t reply_len = sizeof(eth_header) + ip_total;
|
||||||
@@ -183,19 +185,19 @@ static void handle_udp(const uint8_t* frame, size_t len, span_writer &tx) {
|
|||||||
rudp.length = __builtin_bswap16(8 + resp_len);
|
rudp.length = __builtin_bswap16(8 + resp_len);
|
||||||
rudp.checksum = 0;
|
rudp.checksum = 0;
|
||||||
|
|
||||||
send_raw(tx.data(), reply_len);
|
send_raw({tx.data(), reply_len});
|
||||||
}
|
}
|
||||||
|
|
||||||
static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
|
static void handle_icmp(std::span<const uint8_t> frame, span_writer &tx) {
|
||||||
auto& ip = *reinterpret_cast<const ipv4_header*>(frame);
|
auto& ip = *reinterpret_cast<const ipv4_header*>(frame.data());
|
||||||
size_t ip_hdr_len = ip.ip_header_len();
|
size_t ip_hdr_len = ip.ip_header_len();
|
||||||
size_t ip_total = ip.ip_total_len();
|
size_t ip_total = ip.ip_total_len();
|
||||||
|
|
||||||
if (sizeof(eth_header) + ip_total > len) return;
|
if (sizeof(eth_header) + ip_total > frame.size()) return;
|
||||||
if (ip.protocol != 1) return;
|
if (ip.protocol != 1) return;
|
||||||
if (!ip_match_or_broadcast(ip.dst)) return;
|
if (!ip_match_or_broadcast(ip.dst)) return;
|
||||||
|
|
||||||
auto& icmp = *reinterpret_cast<const icmp_echo*>(frame + sizeof(eth_header) + ip_hdr_len);
|
auto& icmp = *reinterpret_cast<const icmp_echo*>(frame.data() + sizeof(eth_header) + ip_hdr_len);
|
||||||
size_t icmp_len = ip_total - ip_hdr_len;
|
size_t icmp_len = ip_total - ip_hdr_len;
|
||||||
if (icmp_len < sizeof(icmp_echo)) return;
|
if (icmp_len < sizeof(icmp_echo)) return;
|
||||||
if (icmp.type != 8) return;
|
if (icmp.type != 8) return;
|
||||||
@@ -203,7 +205,7 @@ static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
|
|||||||
size_t reply_len = sizeof(eth_header) + ip_total;
|
size_t reply_len = sizeof(eth_header) + ip_total;
|
||||||
if (reply_len > tx.capacity()) return;
|
if (reply_len > tx.capacity()) return;
|
||||||
|
|
||||||
memcpy(tx.data(), frame, reply_len);
|
memcpy(tx.data(), frame.data(), reply_len);
|
||||||
auto& rip = *reinterpret_cast<ipv4_header*>(tx.data());
|
auto& rip = *reinterpret_cast<ipv4_header*>(tx.data());
|
||||||
rip.eth.dst = ip.eth.src;
|
rip.eth.dst = ip.eth.src;
|
||||||
rip.eth.src = state.mac;
|
rip.eth.src = state.mac;
|
||||||
@@ -218,36 +220,36 @@ static void handle_icmp(const uint8_t* frame, size_t len, span_writer &tx) {
|
|||||||
ricmp.checksum = 0;
|
ricmp.checksum = 0;
|
||||||
ricmp.checksum = ip_checksum(&ricmp, icmp_len);
|
ricmp.checksum = ip_checksum(&ricmp, icmp_len);
|
||||||
|
|
||||||
send_raw(tx.data(), reply_len);
|
send_raw({tx.data(), reply_len});
|
||||||
}
|
}
|
||||||
|
|
||||||
static void handle_ipv4(const uint8_t* frame, size_t len, span_writer &tx) {
|
static void handle_ipv4(std::span<const uint8_t> frame, span_writer &tx) {
|
||||||
if (len < sizeof(ipv4_header)) return;
|
if (frame.size() < sizeof(ipv4_header)) return;
|
||||||
auto& ip = *reinterpret_cast<const ipv4_header*>(frame);
|
auto& ip = *reinterpret_cast<const ipv4_header*>(frame.data());
|
||||||
if ((ip.ver_ihl >> 4) != 4) return;
|
if ((ip.ver_ihl >> 4) != 4) return;
|
||||||
|
|
||||||
switch (ip.protocol) {
|
switch (ip.protocol) {
|
||||||
case 1:
|
case 1:
|
||||||
handle_icmp(frame, len, tx);
|
handle_icmp(frame, tx);
|
||||||
break;
|
break;
|
||||||
case 17:
|
case 17:
|
||||||
handle_udp(frame, len, tx);
|
handle_udp(frame, tx);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void process_frame(const uint8_t* frame, size_t len, span_writer &tx) {
|
static void process_frame(std::span<const uint8_t> frame, span_writer &tx) {
|
||||||
if (len < sizeof(eth_header)) return;
|
if (frame.size() < sizeof(eth_header)) return;
|
||||||
auto& eth = *reinterpret_cast<const eth_header*>(frame);
|
auto& eth = *reinterpret_cast<const eth_header*>(frame.data());
|
||||||
|
|
||||||
if (!mac_match(eth.dst)) return;
|
if (!mac_match(eth.dst)) return;
|
||||||
|
|
||||||
switch (eth.ethertype) {
|
switch (eth.ethertype) {
|
||||||
case ETH_ARP:
|
case ETH_ARP:
|
||||||
handle_arp(frame, len);
|
handle_arp(frame, tx);
|
||||||
break;
|
break;
|
||||||
case ETH_IPV4:
|
case ETH_IPV4:
|
||||||
handle_ipv4(frame, len, tx);
|
handle_ipv4(frame, tx);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -295,6 +297,6 @@ void net_poll(std::span<uint8_t> tx) {
|
|||||||
auto result = w6300::recv(raw_socket, std::span{rx_buf});
|
auto result = w6300::recv(raw_socket, std::span{rx_buf});
|
||||||
if (!result) break;
|
if (!result) break;
|
||||||
span_writer tx_writer(tx);
|
span_writer tx_writer(tx);
|
||||||
process_frame(rx_buf, *result, tx_writer);
|
process_frame({rx_buf, *result}, tx_writer);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -31,8 +31,13 @@ static ResponseTest test_discovery() {
|
|||||||
|
|
||||||
uint8_t req_buf[1514];
|
uint8_t req_buf[1514];
|
||||||
span_writer req_out(req_buf, sizeof(req_buf));
|
span_writer req_out(req_buf, sizeof(req_buf));
|
||||||
size_t req_len = encode_request_into(req_out, 0, RequestInfo{});
|
auto req_len = encode_response_into(req_out, 0, RequestInfo{});
|
||||||
auto send_result = w6300::send(test_socket, std::span<const uint8_t>{req_buf, req_len});
|
if (!req_len) {
|
||||||
|
resp.pass = false;
|
||||||
|
resp.messages.push_back("encode: overflow");
|
||||||
|
return resp;
|
||||||
|
}
|
||||||
|
auto send_result = w6300::send(test_socket, std::span<const uint8_t>{req_buf, *req_len});
|
||||||
if (!send_result) {
|
if (!send_result) {
|
||||||
resp.pass = false;
|
resp.pass = false;
|
||||||
resp.messages.push_back("send: error " + std::to_string(static_cast<int>(send_result.error())));
|
resp.messages.push_back("send: error " + std::to_string(static_cast<int>(send_result.error())));
|
||||||
|
|||||||
Reference in New Issue
Block a user