aboutsummaryrefslogtreecommitdiffstats
path: root/lib/megaco/src
diff options
context:
space:
mode:
authorMicael Karlberg <[email protected]>2013-04-16 15:45:16 +0200
committerMicael Karlberg <[email protected]>2013-04-16 15:45:16 +0200
commit579b659afdc9dd5a2178c5c756964ba3b56dbded (patch)
treeff8234ef6824f2a4fa0884d9b40de8b30478ef56 /lib/megaco/src
parentc9a6ea38eb2a2a3c3d91e3905ce561fd001320be (diff)
parent592f8635f6496fcd082828a1c7769df5c21fae33 (diff)
downloadotp-579b659afdc9dd5a2178c5c756964ba3b56dbded.tar.gz
otp-579b659afdc9dd5a2178c5c756964ba3b56dbded.tar.bz2
otp-579b659afdc9dd5a2178c5c756964ba3b56dbded.zip
Merge branch 'bmk/megaco/flex_buffer_overrun_while_scanning_prop_parms/OTP-10998/r13' into bmk/megaco/flex_buffer_overrun_while_scanning_prop_parms/OTP-10998/r14
Conflicts: lib/megaco/doc/src/notes.xml lib/megaco/src/app/megaco.appup.src lib/megaco/test/megaco_codec_flex_lib.erl lib/megaco/test/megaco_codec_v2_test.erl lib/megaco/test/megaco_test_lib.erl lib/megaco/vsn.mk
Diffstat (limited to 'lib/megaco/src')
-rw-r--r--lib/megaco/src/app/megaco.appup.src268
-rw-r--r--lib/megaco/src/flex/megaco_flex_scanner_drv.flex.src33
-rw-r--r--lib/megaco/src/flex/megaco_flex_scanner_handler.erl6
3 files changed, 174 insertions, 133 deletions
diff --git a/lib/megaco/src/app/megaco.appup.src b/lib/megaco/src/app/megaco.appup.src
index 7107178d1a..66d144373c 100644
--- a/lib/megaco/src/app/megaco.appup.src
+++ b/lib/megaco/src/app/megaco.appup.src
@@ -2,7 +2,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2001-2011. All Rights Reserved.
+%% Copyright Ericsson AB 2001-2013. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -19,132 +19,146 @@
%%
%%
-%% 3.4.3
-%% |
-%% v
-%% 3.4.4
-%% / \
-%% | |
-%% v v
-%% 3.5 3.4.5
-%% | |
-%% v v
-%% 3.5.1 <- 3.4.6
-%% |
-%% v
-%% 3.5.2
-%% |
-%% v
-%% 3.5.3
-%% |
-%% v
-%% 3.6
-%% |
-%% v
-%% 3.6.0.1
-%% |
-%% v
-%% 3.6.1
-%% |
-%% v
-%% 3.6.2
-%% / \
-%% | |
-%% v |
-%% 3.7 3.6.3
-%% | |
-%% v v
-%% 3.7.1 <- 3.6.4
-%% | |
-%% v v
-%% 3.7.2 <- 3.6.5
-%% | |
-%% v v
-%% 3.7.3 <- 3.6.6
-%% | |
-%% v v
-%% 3.7.4 <- 3.6.7
-%% | |
-%% v v
-%% 3.7.5 <- 3.6.9
-%% |
-%% v
-%% 3.8
-%% |
-%% v
-%% 3.8.1
-%% |
-%% v
-%% 3.8.2
-%% |
-%% v
-%% 3.9
-%% |
-%% v
-%% 3.9.1
-%% |
-%% v
-%% 3.9.1.1
-%% |
-%% v
-%% 3.9.2
-%% |
-%% v
-%% 3.9.3
-%% |
-%% v
-%% 3.9.4
-%% |
-%% v
-%% 3.10
-%% |
-%% v
-%% 3.10.0.1
-%% |
-%% v
-%% 3.10.1
-%% |
-%% v
-%% 3.11
-%% |
-%% v
-%% 3.11.1
-%% |
-%% v
-%% 3.11.2
-%% |
-%% v
-%% 3.11.3
-%% |
-%% v
-%% 3.12
-%% |
-%% v
-%% 3.13
-%% |
-%% v
-%% 3.14
-%% |
-%% v
-%% 3.14.1
-%% |
-%% v
-%% 3.14.1.1
-%% |
-%% v
-%% 3.15
-%% |
-%% v
-%% 3.15.1
-%% |
-%% v
-%% 3.15.1.1
+%% 3.4.3
+%% |
+%% v
+%% 3.4.4
+%% / \
+%% | |
+%% v v
+%% 3.5 3.4.5
+%% | |
+%% v v
+%% 3.5.1 <- 3.4.6
+%% |
+%% v
+%% 3.5.2
+%% |
+%% v
+%% 3.5.3
+%% |
+%% v
+%% 3.6
+%% |
+%% v
+%% 3.6.0.1
+%% |
+%% v
+%% 3.6.1
+%% |
+%% v
+%% 3.6.2
+%% / \
+%% | |
+%% v v
+%% 3.7 3.6.3
+%% | |
+%% v v
+%% 3.7.1 <- 3.6.4
+%% | |
+%% v v
+%% 3.7.2 <- 3.6.5
+%% | |
+%% v v
+%% 3.7.3 <- 3.6.6
+%% | |
+%% v v
+%% 3.7.4 <- 3.6.7
+%% | |
+%% v v
+%% 3.7.5 <- 3.6.9
+%% |
+%% v
+%% 3.8
+%% |
+%% v
+%% 3.8.1
+%% |
+%% v
+%% 3.8.2
+%% |
+%% v
+%% 3.9
+%% |
+%% v
+%% 3.9.1
+%% |
+%% v
+%% 3.9.1.1
+%% |
+%% v
+%% 3.9.2
+%% |
+%% v
+%% 3.9.3
+%% |
+%% v
+%% 3.9.4
+%% |
+%% v
+%% 3.10
+%% |
+%% v
+%% 3.10.0.1
+%% |
+%% v
+%% 3.10.1
+%% |
+%% v
+%% 3.11
+%% |
+%% v
+%% 3.11.1
+%% |
+%% v
+%% 3.11.2
+%% |
+%% v
+%% 3.11.3
+%% / \
+%% | \
+%% v \
+%% 3.12 \
+%% | \
+%% v \
+%% 3.13 \
+%% | \
+%% v |
+%% 3.14 |
+%% | |
+%% v |
+%% 3.14.1 |
+%% | |
+%% v |
+%% 3.14.1.1 |
+%% / \ |
+%% / \ |
+%% | | |
+%% v | |
+%% 3.15 | |
+%% | | |
+%% v | |
+%% 3.15.1 | |
+%% | | |
+%% v | |
+%% 3.15.1.1 | |
+%% | | |
+%% v v v
+%% 3.15.2 <- 3.14.2 <- 3.11.4
%%
%%
{"%VSN%",
[
+ {"3.15.1.1",
+ [
+ {update, megaco_flex_scanner_handler, {advanced, upgrade_from_pre_3_15_2},
+ soft_purge, soft_purge, []}
+ ]
+ },
{"3.15.1",
[
+ {update, megaco_flex_scanner_handler, {advanced, upgrade_from_pre_3_15_2},
+ soft_purge, soft_purge, []}
]
},
{"3.15",
@@ -155,13 +169,23 @@
{load_module, megaco_timer, soft_purge, soft_purge, [megaco_config_misc]},
{update, megaco_config, soft, soft_purge, soft_purge,
[megaco_timer, megaco_config_misc]},
+ {update, megaco_flex_scanner_handler, {advanced, upgrade_from_pre_3_15_2},
+ soft_purge, soft_purge, []},
{add_module, megaco_config_misc}
]
}
],
[
+ {"3.15.1.1",
+ [
+ {update, megaco_flex_scanner_handler, {advanced, downgrade_to_pre_3_15_2},
+ soft_purge, soft_purge, []}
+ ]
+ },
{"3.15.1",
[
+ {update, megaco_flex_scanner_handler, {advanced, downgrade_to_pre_3_15_2},
+ soft_purge, soft_purge, []}
]
},
{"3.15",
@@ -171,6 +195,8 @@
{load_module, megaco_filter, soft_purge, soft_purge, []},
{load_module, megaco_timer, soft_purge, soft_purge, [megaco_config]},
{update, megaco_config, soft, soft_purge, soft_purge, []},
+ {update, megaco_flex_scanner_handler, {advanced, downgrade_to_pre_3_15_2},
+ soft_purge, soft_purge, []},
{remove, {megaco_config_misc, soft_purge, brutal_purge}}
]
}
diff --git a/lib/megaco/src/flex/megaco_flex_scanner_drv.flex.src b/lib/megaco/src/flex/megaco_flex_scanner_drv.flex.src
index 9b4f717201..96621193e8 100644
--- a/lib/megaco/src/flex/megaco_flex_scanner_drv.flex.src
+++ b/lib/megaco/src/flex/megaco_flex_scanner_drv.flex.src
@@ -1,8 +1,8 @@
/*
* %CopyrightBegin%
- *
- * Copyright Ericsson AB 2001-2010. All Rights Reserved.
- *
+ *
+ * Copyright Ericsson AB 2001-2013. All Rights Reserved.
+ *
* The contents of this file are subject to the Erlang Public License,
* Version 1.1, (the "License"); you may not use this file except in
* compliance with the License. You should have received a copy of the
@@ -101,6 +101,13 @@ typedef struct {
int token_counter;
} MfsErlDrvData;
+/* IBL = In Buffer Length - the raw (un-decoded) message buffer length */
+#define TERM_SPEC_SIZE_INITIAL(IBL) (1024 + 2*(IBL))
+
+/* CTSS = Current term spec size - the current term spec length */
+/* S = Size - how many positions we need */
+#define TERM_SPEC_SIZE_NEXT(CTSS,S) ((CTSS) + 1024 + (S))
+
#if !defined(MEGACO_REENTRANT_FLEX_SCANNER)
static MfsErlDrvData mfs_drv_data;
#endif
@@ -743,7 +750,7 @@ v LOAD_TOKEN(mfs_VersionToken);
#endif
-/* #define MFS_DEBUG true */ /* temporary */
+// #define MFS_DEBUG true
#if defined(MFS_DEBUG)
# define DBG( proto ) printf proto
# define DBG_BUF(func, bufName, buf, bufSz) mfs_dbg_buf_print(func, bufName, buf, bufSz)
@@ -848,15 +855,20 @@ static void mfs_ensure_term_spec(MfsErlDrvData* dataP, int size)
"\n term_spec_size: %d\n",
dataP->term_spec_index, dataP->term_spec_size) );
- dataP->term_spec_size = (dataP->term_spec_size * 2) + size;
+ dataP->term_spec_size = TERM_SPEC_SIZE_NEXT(dataP->term_spec_size, size);
DBG( ("mfs_ensure_term_spec -> "
- "term_spec is at 0x%X, new term_spec_size is %d\n",
- (unsigned int) dataP->term_spec, dataP->term_spec_size) );
+ "term_spec is at 0x%X, new term_spec_size is %d (%lu)\n",
+ (unsigned int) dataP->term_spec,
+ dataP->term_spec_size,
+ dataP->term_spec_size * sizeof(ErlDrvTermData)) );
tmp = REALLOC(dataP->term_spec,
dataP->term_spec_size * sizeof(ErlDrvTermData));
+ DBG( ("mfs_ensure_term_spec -> "
+ "realloc result: 0x%X\n", (unsigned int) tmp) );
+
if (tmp == NULL) {
/*
* Ouch, we did'nt get any new memory.
@@ -948,6 +960,9 @@ static void mfs_octet_load_token(ErlDrvTermData TokenTag, int is_empty)
ASSIGN_TERM_SPEC(dataP, ERL_DRV_TUPLE);
ASSIGN_TERM_SPEC(dataP, 3);
+
+ DBG( ("mfs_octet_load_token -> done\n") );
+
}
#if defined(MEGACO_REENTRANT_FLEX_SCANNER)
@@ -1247,7 +1262,7 @@ static void mfs_load_property_groups(MfsErlDrvData* dataP)
} // if ((yytext[i] != SP)...
} // while ...
- mfs_ensure_term_spec(dataP, 4); // 2 + 2 just in case
+ mfs_ensure_term_spec(dataP, 6); // 3 + 3 just in case
/* Make sure we actually have some groups */
@@ -1732,7 +1747,7 @@ static int mfs_control(ErlDrvData handle,
dataP->text_buf = tmp;
dataP->text_ptr = tmp;
- dataP->term_spec_size = 1000 + buf_len; /* OTP-4237 */
+ dataP->term_spec_size = TERM_SPEC_SIZE_INITIAL(buf_len);
DBG( ("mfs_control -> allocate term-spec buffer: "
"\n term_spec_size: %d\n", dataP->term_spec_size) );
diff --git a/lib/megaco/src/flex/megaco_flex_scanner_handler.erl b/lib/megaco/src/flex/megaco_flex_scanner_handler.erl
index 420202134e..28333ab1d0 100644
--- a/lib/megaco/src/flex/megaco_flex_scanner_handler.erl
+++ b/lib/megaco/src/flex/megaco_flex_scanner_handler.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2001-2010. All Rights Reserved.
+%% Copyright Ericsson AB 2001-2013. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -181,11 +181,11 @@ terminate(_Reason, _S) ->
%% Returns: {ok, NewState}
%%----------------------------------------------------------------------
-code_change({down, _Vsn}, #state{conf = Conf} = State, downgrade_to_pre_3_13_1) ->
+code_change({down, _Vsn}, #state{conf = Conf} = State, downgrade_to_pre_3_14_3) ->
NewPorts = bump_flex_scanner(Conf),
{ok, State#state{conf = {flex, NewPorts}}};
-code_change(_Vsn, #state{conf = Conf} = State, upgrade_from_pre_3_13_1) ->
+code_change(_Vsn, #state{conf = Conf} = State, upgrade_from_pre_3_14_2) ->
NewPorts = bump_flex_scanner(Conf),
{ok, State#state{conf = {flex, NewPorts}}};