Merge pull request #16 from kosmas-valianos/minorFixes

Minor fixes

Author: kosmas-valianos

.github/workflows/codeql-analysis.yml

@@ -42,7 +42,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -53,7 +53,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -67,4 +67,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2

Makefile

@@ -18,7 +18,7 @@
 
 CFLAGS := -Wall -Wextra -Wshadow -Wimplicit-fallthrough=0 -ansi -fshort-enums -fpic
 
-all: build
+all: build tests example
 
 build: libs_dir libs/libproxyprotocol.so
 
@@ -37,6 +37,13 @@ tests: tests/test_libproxyprotocol
 tests/test_libproxyprotocol: tests/test.o libs/libproxyprotocol.so
 	$(CC) -Llibs/ ${CFLAGS} -o $@ $< -lproxyprotocol
 
+example: examples/client_server
+	LD_LIBRARY_PATH=libs/ $<
+
+examples/client_server: examples/client_server.o libs/libproxyprotocol.so
+	$(CC) -Llibs/ ${CFLAGS} -o $@ $< -lproxyprotocol
+
 clean:
 	$(RM) src/*.o libs/libproxyprotocol.so
 	$(RM) tests/*.o tests/test_libproxyprotocol
+	$(RM) examples/*.o examples/client_server

examples/client_server.c

@@ -74,9 +74,10 @@ int main()
             }
         }
     };
+    uint16_t pp2_hdr_len;
     /* Add SSL TLVs */
     /* IMPORTANT: Always clear the pp_info to be passed in pp_create_hdr() because TLVs are allocated in heap. Otherwise memory will be leaked */
-    if (!pp_info_add_ssl(&pp_info_in_v2, "TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256", "SHA256", "RSA2048", "example.com", 11))
+    if (!pp_info_add_ssl(&pp_info_in_v2, "TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256", "SHA256", "RSA2048", (uint8_t*) "example.com", 11))
     {
         fprintf(stderr, "pp_info_add_ssl() failed\n");
         pp_info_clear(&pp_info_in_v2);
@@ -89,7 +90,7 @@ int main()
         pp_info_clear(&pp_info_in_v2);
         return EXIT_FAILURE;
     }
-    uint8_t *pp2_hdr = pp_create_hdr(2, &pp_info_in_v2, &pp1_hdr_len, &error);
+    uint8_t *pp2_hdr = pp_create_hdr(2, &pp_info_in_v2, &pp2_hdr_len, &error);
     pp_info_clear(&pp_info_in_v2);
     if (error != ERR_NULL)
     {
@@ -98,7 +99,7 @@ int main()
     }
 
     /* Parse a v2 PROXY protocol header */
-    rc = pp_parse_hdr(pp2_hdr, pp1_hdr_len, &pp_info_out);
+    rc = pp_parse_hdr(pp2_hdr, pp2_hdr_len, &pp_info_out);
     free(pp2_hdr);
     if (!rc)
     {
@@ -127,6 +128,7 @@ int main()
                "\tSSL CN: %.*s\n"
                "\t%s %s %hu %hu\n",
             rc, linkid,
+            /* In case CRC32c is wrong then rc < 0 => pp_strerror(rc) at previous block will print the error */
             pp_info_out.pp2_info.crc32c == 1 ? "verified" : "not present",
             pp_info_get_ssl_version(&pp_info_out, &length),
             pp_info_get_ssl_cipher(&pp_info_out, &length),

src/proxy_protocol.c

@@ -21,8 +21,12 @@
 #include <string.h>
 #ifdef _WIN32
     #include <ws2tcpip.h>
+    /* Caution: To be used only with fixed length arrays */
+    #define _sprintf(buffer, format, ...) sprintf_s(buffer, sizeof(buffer), format, __VA_ARGS__)
 #else
     #include <arpa/inet.h>
+    /* sprintf() as snprintf does not exist in ANSI C */
+    #define _sprintf(buffer, format, ...) sprintf(buffer, format, __VA_ARGS__)
 #endif
 
 #include "proxy_protocol.h"
@@ -149,8 +153,8 @@ typedef struct
 #define PP2_SIG "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A"
 
 /* ANSI C makes us suffer as we cannot have value[0] */
-#define sizeof_pp2_tlv_t     (sizeof(pp2_tlv_t) - 1)
-#define sizeof_pp2_tlv_aws_t (sizeof(pp2_tlv_aws_t) - 1)
+#define sizeof_pp2_tlv_t     ((uint16_t) sizeof(pp2_tlv_t) - 1)
+#define sizeof_pp2_tlv_aws_t ((uint16_t) sizeof(pp2_tlv_aws_t) - 1)
 
 /****************************************************************/
 
@@ -347,7 +351,7 @@ uint8_t pp_info_add_netns(pp_info_t *pp_info, const char *netns)
 
 uint8_t pp_info_add_aws_vpce_id(pp_info_t *pp_info, const char *vpce_id)
 {
-    uint16_t length = (uint16_t) (sizeof_pp2_tlv_aws_t + strlen(vpce_id));
+    uint16_t length = sizeof_pp2_tlv_aws_t + (uint16_t) strlen(vpce_id);
     pp2_tlv_aws_t *pp2_tlv_aws = malloc(length);
     pp2_tlv_aws->type = PP2_SUBTYPE_AWS_VPCE_ID;
     memcpy(pp2_tlv_aws->value, vpce_id, strlen(vpce_id));
@@ -663,7 +667,7 @@ uint8_t *pp2_create_hdr(const pp_info_t *pp_info, uint16_t *pp2_hdr_len, int32_t
         {
             uint16_t pp2_hdr_len_padded = (*pp2_hdr_len / alignment + 1) * alignment;
             /* The NOOP TLV needs to be at least 3 bytes because a TLV can not be smaller than that */
-            if (pp2_hdr_len_padded - *pp2_hdr_len < 3)
+            if (pp2_hdr_len_padded - *pp2_hdr_len < sizeof_pp2_tlv_t)
             {
                 pp2_hdr_len_padded += alignment;
             }
@@ -763,8 +767,7 @@ static uint8_t *pp1_create_hdr(const pp_info_t *pp_info, uint16_t *pp1_hdr_len,
         char dst_addr[39+1];
         memcpy(src_addr, pp_info->src_addr, sizeof(src_addr));
         memcpy(dst_addr, pp_info->dst_addr, sizeof(dst_addr));
-        /* sprintf() as snprintf does not exist in ANSI C */
-        *pp1_hdr_len = sprintf(block, "PROXY %s %s %s %hu %hu"CRLF, fam, src_addr, dst_addr, pp_info->src_port, pp_info->dst_port);
+        *pp1_hdr_len = _sprintf(block, "PROXY %s %s %s %hu %hu"CRLF, fam, src_addr, dst_addr, pp_info->src_port, pp_info->dst_port);
     }
     else
     {
@@ -932,11 +935,11 @@ static int32_t pp2_parse_hdr(uint8_t *buffer, uint32_t buffer_length, pp_info_t
 
     /* TLVs */
     /* Any TLV vector must be at least 3 bytes */
-    while (tlv_vectors_len > 3)
+    while (tlv_vectors_len > sizeof_pp2_tlv_t)
     {
         pp2_tlv_t *pp2_tlv = (pp2_tlv_t*) buffer;
         uint16_t pp2_tlv_len = pp2_tlv->length_hi << 8 | pp2_tlv->length_lo;
-        uint16_t pp2_tlv_offset = 3 + pp2_tlv_len;
+        uint16_t pp2_tlv_offset = sizeof_pp2_tlv_t + pp2_tlv_len;
         if (pp2_tlv_offset > tlv_vectors_len)
         {
             return -ERR_PP2_TLV_LENGTH;
@@ -1030,7 +1033,7 @@ static int32_t pp2_parse_hdr(uint8_t *buffer, uint32_t buffer_length, pp_info_t
                     return -ERR_PP2_TYPE_SSL;
                 }
 
-                pp2_sub_tlv_offset += 3 + pp2_sub_tlv_ssl_len;
+                pp2_sub_tlv_offset += sizeof_pp2_tlv_t + pp2_sub_tlv_ssl_len;
             }
             if (pp2_sub_tlv_offset > pp2_tlvs_ssl_len || (pp_info->pp2_info.pp2_ssl_info.ssl && !tlv_ssl_version_found))
             {