diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 92caf59ca..5ccc31c95 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -13,7 +13,7 @@ jobs: steps: # checkout - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: submodules: recursive @@ -40,6 +40,18 @@ jobs: cppcheck --enable=all --error-exitcode=2 --inline-suppr --suppress=missingInclude --suppress=unusedFunction --suppress=*:src/otel/trace.pb-c.c --suppress=*:src/otel/common.pb-c.c --suppress=*:src/otel/resource.pb-c.c ./plugins ./src cppcheck --enable=all --error-exitcode=2 --inline-suppr --suppress=missingInclude --suppress=variableScope ./simulator + flawfinder: + name: Flawfinder Scan + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v6 + + - name: flawfinder_scan + uses: david-a-wheeler/flawfinder@2.0.20 + with: + arguments: '--minlevel=3 .' + build: runs-on: ubuntu-24.04 container: ghcr.io/neugates/build:x86_64-main diff --git a/plugins/mqtt/mqtt_handle.c b/plugins/mqtt/mqtt_handle.c index d2f4e45d9..45b7cc66d 100644 --- a/plugins/mqtt/mqtt_handle.c +++ b/plugins/mqtt/mqtt_handle.c @@ -39,7 +39,7 @@ static void to_traceparent(uint8_t *trace_id, char *span_id, char *out) size += sprintf(out + size, "%02x", trace_id[i]); } - sprintf(out + size, "-%s-01", span_id); + snprintf(out + size, strlen(span_id) + 5, "-%s-01", span_id); } static int tag_values_to_json(UT_array *tags, mqtt_static_vt_t *s_tags, @@ -281,7 +281,7 @@ static inline int send_driver_action(neu_plugin_t * plugin, header.ctx = NULL; neu_req_driver_action_t action = { 0 }; - strncpy(action.driver, req->driver, NEU_NODE_NAME_LEN); + strncpy(action.driver, req->driver, NEU_NODE_NAME_LEN - 1); action.action = strdup(req->action); if (0 != neu_plugin_op(plugin, header, &action)) { 
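Review bot: The new `flawfinder` job pins a third-party action by tag, `uses: david-a-wheeler/flawfinder@2.0.20`, and tags are mutable, so the code that runs on every pull request can change without any commit to this repository. Pin it to a full-length commit SHA with the version kept as a comment, `uses: david-a-wheeler/flawfinder@<commit-sha> # 2.0.20`, and consider doing the same for `actions/checkout@v6`. The job also has no `permissions:` block, so it inherits the workflow or repository default token scope; a read-only scan needs only `permissions: contents: read`. It is not visible here whether the action fails the job on findings or only writes a report; unlike the cppcheck step's `--error-exitcode=2`, `--minlevel=3` alone does not make it a gate, so confirm the intended behaviour.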
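Review bot: The new `snprintf(out + size, strlen(span_id) + 5, "-%s-01", span_id)` bounds the write by the length of the source, not by the capacity of `out`, so it writes exactly the bytes the replaced `sprintf` wrote and cannot stop an overflow of `out`; it only silences the scanner. The bound must come from the destination: give `to_traceparent` the size of `out` (or document the fixed traceparent length callers must allocate), check `size < out_len`, and write `snprintf(out + size, out_len - size, "-%s-01", span_id)`. Whether `span_id` can be influenced by an incoming message is not visible here; if it can, it should be validated as 16 hex characters before formatting. The body of `to_traceparent` begins before this hunk.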
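Review bot: `strncpy(action.driver, req->driver, NEU_NODE_NAME_LEN - 1)` is NUL-terminated here only because of `action = { 0 }` two lines above, and a `req->driver` of `NEU_NODE_NAME_LEN - 1` bytes or more is silently cut, so the action is dispatched to a node name the client never sent. Reject over-long names instead of truncating, and tie the bound to the array rather than a macro that may drift from it: `if (strlen(req->driver) >= sizeof action.driver) { /* return this function's failure code */ }` then `snprintf(action.driver, sizeof action.driver, "%s", req->driver);`. `send_driver_action` begins before this hunk.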
@@ -465,7 +465,7 @@ static int send_write_tags_req(neu_plugin_t *plugin, neu_json_mqtt_t *mqtt, } for (int i = 0; i < cmd.n_tag; i++) { - strcpy(cmd.tags[i].tag, req->tags[i].tag); + strncpy(cmd.tags[i].tag, req->tags[i].tag, NEU_TAG_NAME_LEN - 1); if (0 != json_value_to_tag_value(&req->tags[i].value, req->tags[i].t, &cmd.tags[i].value)) { @@ -618,7 +618,7 @@ void handle_write_req(neu_mqtt_qos_e qos, const char *topic, } for (int i = 0; i < cmd.n_tag; i++) { - strcpy(cmd.tags[i].tag, wr->tags[i]->name); + strncpy(cmd.tags[i].tag, wr->tags[i]->name, NEU_TAG_NAME_LEN - 1); switch (wr->tags[i]->value->value_case) { case MODEL__DATA_ITEM_VALUE__VALUE_INT_VALUE: cmd.tags[i].value.type = NEU_TYPE_INT64; @@ -635,8 +635,8 @@ void handle_write_req(neu_mqtt_qos_e qos, const char *topic, break; case MODEL__DATA_ITEM_VALUE__VALUE_STRING_VALUE: cmd.tags[i].value.type = NEU_TYPE_STRING; - strcpy(cmd.tags[i].value.value.str, - wr->tags[i]->value->string_value); + strncpy(cmd.tags[i].value.value.str, + wr->tags[i]->value->string_value, NEU_VALUE_SIZE - 1); break; default: break; @@ -932,7 +932,7 @@ void handle_driver_action_req(neu_mqtt_qos_e qos, const char *topic, mqtt->tracestate = NULL; header.ctx = mqtt; - strcpy(cmd.driver, dar->node); + strncpy(cmd.driver, dar->node, NEU_NODE_NAME_LEN - 1); cmd.action = strdup(dar->action); model__driver_action_request__free_unpacked(dar, NULL); @@ -955,7 +955,7 @@ void handle_driver_action_req(neu_mqtt_qos_e qos, const char *topic, } header.ctx = mqtt; - strcpy(cmd.driver, req->driver); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); cmd.action = strdup(req->action); neu_json_decode_driver_action_req_free(req); free(json_str); 
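Review bot: `strncpy(cmd.tags[i].tag, req->tags[i].tag, NEU_TAG_NAME_LEN - 1)` leaves `cmd.tags[i].tag` without a terminator when the source is `NEU_TAG_NAME_LEN - 1` bytes or longer, unless `cmd.tags` was zero-allocated, which this hunk does not show, and a longer name is silently truncated so the write targets a tag the client did not name. Reject rather than truncate: `if (strlen(req->tags[i].tag) >= sizeof cmd.tags[i].tag) { /* release cmd.tags, report the error */ }` followed by `snprintf(cmd.tags[i].tag, sizeof cmd.tags[i].tag, "%s", req->tags[i].tag);`, which always terminates and keeps the bound attached to the array. The same pattern recurs in the `handle_write_req` and `handle_driver_action_req` hunks below. `send_write_tags_req` begins before this hunk.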
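Review bot: `strncpy(cmd.tags[i].value.value.str, wr->tags[i]->value->string_value, NEU_VALUE_SIZE - 1)` silently truncates a string value received over MQTT before it is written through to the driver, so an over-long value produces a different value being written rather than an error; if these writes reach field devices that is a correctness and safety issue, not just a buffer one. The truncation can also cut a multi-byte UTF-8 sequence in half, and termination again depends on `cmd.tags` having been zeroed, which is not visible here. Check first and fail the request, `if (strlen(s) >= sizeof cmd.tags[i].value.value.str) { /* error path */ }`, then copy with `snprintf(cmd.tags[i].value.value.str, sizeof cmd.tags[i].value.value.str, "%s", s)`. If the protobuf string field can be absent, `string_value` may be NULL on some protobuf-c configurations — confirm before dereferencing. `handle_write_req` begins before this hunk.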
@@ -1793,8 +1793,8 @@ void handle_driver_directory_req(neu_mqtt_qos_e qos, const char *topic, mqtt->tracestate = NULL; header.ctx = mqtt; - strcpy(cmd.driver, flr->node); - strcpy(cmd.path, flr->path); + strncpy(cmd.driver, flr->node, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, flr->path, NEU_PATH_LEN - 1); model__file_list_request__free_unpacked(flr, NULL); } else { @@ -1817,8 +1817,8 @@ void handle_driver_directory_req(neu_mqtt_qos_e qos, const char *topic, header.ctx = mqtt; - strcpy(cmd.driver, req->driver); - strcpy(cmd.path, req->path); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, req->path, NEU_PATH_LEN - 1); neu_json_decode_driver_directory_req_free(req); free(json_str); @@ -1982,8 +1982,8 @@ void handle_driver_fup_open_req(neu_mqtt_qos_e qos, const char *topic, mqtt->tracestate = NULL; header.ctx = mqtt; - strcpy(cmd.driver, fur->node); - strcpy(cmd.path, fur->path); + strncpy(cmd.driver, fur->node, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, fur->path, NEU_PATH_LEN - 1); model__file_upload_request__free_unpacked(fur, NULL); } else { @@ -2004,8 +2004,8 @@ void handle_driver_fup_open_req(neu_mqtt_qos_e qos, const char *topic, return; } header.ctx = mqtt; - strcpy(cmd.driver, req->driver); - strcpy(cmd.path, req->path); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, req->path, NEU_PATH_LEN - 1); neu_json_decode_driver_fup_open_req_free(req); free(json_str); @@ -2109,8 +2109,8 @@ void handle_driver_fup_data_req(neu_mqtt_qos_e qos, const char *topic, header.ctx = mqtt; - strcpy(cmd.driver, fudr->node); - strcpy(cmd.path, fudr->path); + strncpy(cmd.driver, fudr->node, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, fudr->path, NEU_PATH_LEN - 1); model__file_upload_data_request__free_unpacked(fudr, NULL); } else { 
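Review bot: `strncpy(cmd.path, flr->path, NEU_PATH_LEN - 1)` turns an over-long directory path from the protobuf request into a different, shorter path instead of an error, and leaves `cmd.path` unterminated when the source has `NEU_PATH_LEN - 1` or more bytes unless `cmd` was zero-initialized, which the hunk does not show. For a filesystem path chosen by a remote client, reject the request when `strlen(flr->path) >= sizeof cmd.path` and copy with `snprintf(cmd.path, sizeof cmd.path, "%s", flr->path)` so the bound follows the array. Nothing in this hunk restricts the path to an allowed directory or rejects `..` components; if that validation lives in the driver, a comment here saying so would help the next reader. The same applies to the JSON variant and to the `fup_open`/`fup_data` hunks below, and `handle_driver_directory_req` begins before this hunk.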
@@ -2133,8 +2133,8 @@ void handle_driver_fup_data_req(neu_mqtt_qos_e qos, const char *topic, header.ctx = mqtt; - strcpy(cmd.driver, req->driver); - strcpy(cmd.path, req->path); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.path, req->path, NEU_PATH_LEN - 1); neu_json_decode_driver_fup_data_req_free(req); free(json_str); @@ -2243,9 +2243,9 @@ void handle_driver_fdown_open_req(neu_mqtt_qos_e qos, const char *topic, mqtt->tracestate = NULL; header.ctx = mqtt; - strcpy(cmd.driver, fdr->node); - strcpy(cmd.src_path, fdr->src_path); - strcpy(cmd.dst_path, fdr->dst_path); + strncpy(cmd.driver, fdr->node, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.src_path, fdr->src_path, NEU_PATH_LEN - 1); + strncpy(cmd.dst_path, fdr->dst_path, NEU_PATH_LEN - 1); cmd.size = fdr->size; model__file_download_request__free_unpacked(fdr, NULL); @@ -2267,9 +2267,9 @@ void handle_driver_fdown_open_req(neu_mqtt_qos_e qos, const char *topic, return; } header.ctx = mqtt; - strcpy(cmd.driver, req->driver); - strcpy(cmd.src_path, req->src_path); - strcpy(cmd.dst_path, req->dst_path); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.src_path, req->src_path, NEU_PATH_LEN - 1); + strncpy(cmd.dst_path, req->dst_path, NEU_PATH_LEN - 1); cmd.size = req->size; neu_json_decode_driver_fdown_open_req_free(req); @@ -2371,8 +2371,8 @@ void handle_driver_fdown_data_req(neu_mqtt_qos_e qos, const char *topic, mqtt->tracestate = NULL; header.ctx = mqtt; - strcpy(cmd.driver, fddr->node); - strcpy(cmd.src_path, fddr->path); + strncpy(cmd.driver, fddr->node, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.src_path, fddr->path, NEU_PATH_LEN - 1); cmd.more = fddr->more; cmd.len = fddr->data.len; cmd.data = calloc(fddr->data.len, sizeof(uint8_t)); 
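Review bot: `strncpy(cmd.dst_path, fdr->dst_path, NEU_PATH_LEN - 1)` copies a client-chosen destination path for a file download, and a path of `NEU_PATH_LEN - 1` bytes or more is both silently shortened to a different location and possibly left unterminated (termination depends on `cmd` being zeroed, which this hunk does not show). Reject over-long `src_path`/`dst_path` with an error rather than truncating, and copy with `snprintf(cmd.dst_path, sizeof cmd.dst_path, "%s", fdr->dst_path)`. `cmd.size = fdr->size` is passed through with no bound; if the driver allocates or preallocates from it, a range check belongs next to the path checks — confirm against the driver side. `handle_driver_fdown_open_req` begins before this hunk and the JSON variant directly below repeats the pattern.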
@@ -2398,8 +2398,8 @@ void handle_driver_fdown_data_req(neu_mqtt_qos_e qos, const char *topic, } header.ctx = mqtt; - strcpy(cmd.driver, req->driver); - strcpy(cmd.src_path, req->src_path); + strncpy(cmd.driver, req->driver, NEU_NODE_NAME_LEN - 1); + strncpy(cmd.src_path, req->src_path, NEU_PATH_LEN - 1); cmd.more = req->more; cmd.len = req->len; cmd.data = calloc(req->len, sizeof(uint8_t));
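Review bot: `strncpy(cmd.src_path, req->src_path, NEU_PATH_LEN - 1)` shares the weakness of the other copies in this change: no terminator is written when `req->src_path` is `NEU_PATH_LEN - 1` bytes or longer (safe only if `cmd` was zeroed earlier, outside the hunk), and a longer path is silently replaced by its prefix. Prefer a length check that fails the request plus `snprintf(cmd.src_path, sizeof cmd.src_path, "%s", req->src_path)`. While here: `cmd.data = calloc(req->len, sizeof(uint8_t))` sizes an allocation from a JSON-supplied `len` with no upper bound and no NULL check; whether the copy that follows (outside this hunk) uses `req->len` or the decoded data's actual length decides how serious that is — worth checking. `handle_driver_fdown_data_req` begins before this hunk.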