mbed_controller / HTTPD

HTTPD bug fix which is caused by stack overflow.

Dependents:   mbed_controller_demo

Fork of HTTPD by Suga koubou

Original HTTPD implementation of Suga koubou is great but has some bug inside unfortunately. The most critical bug was accessing buffer with the index of out of range like following.

problematic code

char buf[256];

n = httpd->_state[id].client->receive(buf, sizeof(buf));
buf[n] =0;

With above code, it could set buf[256] = 0 when more that 255 data is received. Setting buf[256] causes some other area of memory is corrupted so that system can be predictive status since than.

bug fixed code

n = httpd->_state[id].client->receive(buf, sizeof(buf)-1);
buf[n] =0;

sha1.h@2:584ce0a1a76e, 2015-04-10 (annotated)

Committer:
hillkim7
Date:
Fri Apr 10 09:04:38 2015 +0000
Revision:
2:584ce0a1a76e
Parent:
0:d18dff347122 
Fix critical bug cause by accessing buffer with index of out of range.; Set reasonable stack size for server task.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
okini3939 0:d18dff347122 1 /*
okini3939 0:d18dff347122 2 * source from http://www.ipa.go.jp/security/rfc/RFC3174JA.html
okini3939 0:d18dff347122 3 */
okini3939 0:d18dff347122 4 /*
okini3939 0:d18dff347122 5 * sha1.h
okini3939 0:d18dff347122 6 *
okini3939 0:d18dff347122 7 * Description:
okini3939 0:d18dff347122 8 * This is the header file for code which implements the Secure
okini3939 0:d18dff347122 9 * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
okini3939 0:d18dff347122 10 * April 17, 1995.
okini3939 0:d18dff347122 11 *
okini3939 0:d18dff347122 12 * Many of the variable names in this code, especially the
okini3939 0:d18dff347122 13 * single character names, were used because those were the names
okini3939 0:d18dff347122 14 * used in the publication.
okini3939 0:d18dff347122 15 *
okini3939 0:d18dff347122 16 * Please read the file sha1.c for more information.
okini3939 0:d18dff347122 17 *
okini3939 0:d18dff347122 18 */
okini3939 0:d18dff347122 19
okini3939 0:d18dff347122 20 #ifndef _SHA1_H_
okini3939 0:d18dff347122 21 #define _SHA1_H_
okini3939 0:d18dff347122 22
okini3939 0:d18dff347122 23 #include "mbed.h"
okini3939 0:d18dff347122 24 /*
okini3939 0:d18dff347122 25 * If you do not have the ISO standard stdint.h header file, then you
okini3939 0:d18dff347122 26 * must typdef the following:
okini3939 0:d18dff347122 27 * name meaning
okini3939 0:d18dff347122 28 * uint32_t unsigned 32 bit integer
okini3939 0:d18dff347122 29 * uint8_t unsigned 8 bit integer (i.e., unsigned char)
okini3939 0:d18dff347122 30 * int_least16_t integer of >= 16 bits
okini3939 0:d18dff347122 31 *
okini3939 0:d18dff347122 32 */
okini3939 0:d18dff347122 33
okini3939 0:d18dff347122 34 #ifndef _SHA_enum_
okini3939 0:d18dff347122 35 #define _SHA_enum_
okini3939 0:d18dff347122 36 enum
okini3939 0:d18dff347122 37 {
okini3939 0:d18dff347122 38 shaSuccess = 0,
okini3939 0:d18dff347122 39 shaNull, /* Null pointer parameter */
okini3939 0:d18dff347122 40 shaInputTooLong, /* input data too long */
okini3939 0:d18dff347122 41 shaStateError /* called Input after Result */
okini3939 0:d18dff347122 42 };
okini3939 0:d18dff347122 43 #endif
okini3939 0:d18dff347122 44 #define SHA1HashSize 20
okini3939 0:d18dff347122 45
okini3939 0:d18dff347122 46 /*
okini3939 0:d18dff347122 47 * This structure will hold context information for the SHA-1
okini3939 0:d18dff347122 48 * hashing operation
okini3939 0:d18dff347122 49 */
okini3939 0:d18dff347122 50 typedef struct SHA1Context
okini3939 0:d18dff347122 51 {
okini3939 0:d18dff347122 52 uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
okini3939 0:d18dff347122 53
okini3939 0:d18dff347122 54 uint32_t Length_Low; /* Message length in bits */
okini3939 0:d18dff347122 55 uint32_t Length_High; /* Message length in bits */
okini3939 0:d18dff347122 56
okini3939 0:d18dff347122 57 /* Index into message block array */
okini3939 0:d18dff347122 58 int_least16_t Message_Block_Index;
okini3939 0:d18dff347122 59 uint8_t Message_Block[64]; /* 512-bit message blocks */
okini3939 0:d18dff347122 60
okini3939 0:d18dff347122 61 int Computed; /* Is the digest computed? */
okini3939 0:d18dff347122 62 int Corrupted; /* Is the message digest corrupted? */
okini3939 0:d18dff347122 63 } SHA1Context;
okini3939 0:d18dff347122 64
okini3939 0:d18dff347122 65 /*
okini3939 0:d18dff347122 66 * Function Prototypes
okini3939 0:d18dff347122 67 */
okini3939 0:d18dff347122 68
okini3939 0:d18dff347122 69 int SHA1Reset( SHA1Context *);
okini3939 0:d18dff347122 70 int SHA1Input( SHA1Context *,
okini3939 0:d18dff347122 71 const uint8_t *,
okini3939 0:d18dff347122 72 unsigned int);
okini3939 0:d18dff347122 73 int SHA1Result( SHA1Context *,
okini3939 0:d18dff347122 74 uint8_t Message_Digest[SHA1HashSize]);
okini3939 0:d18dff347122 75
okini3939 0:d18dff347122 76
okini3939 0:d18dff347122 77 void sha1 (const char *input, int len, char *output);
okini3939 0:d18dff347122 78 #endif