Commit graph

2469 commits

Author SHA1 Message Date
Joakim Gebart
24d15ad9a5 core/net/ip: Prevent (tiny) buffer overflow in resolv_found()
An off-by-one error in resolv_found() could make an strncat() call
overflow by the terminating null byte.

When building with Clang the following warning was shown:

../../../core/net/ip/resolv.c:1458:17: warning: the value of the
      size argument in 'strncat' is too large, might lead to a
      buffer overflow [-Wstrncat-size]
                sizeof(resolv_hostname) - strlen(resolv_hostname));
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../../core/net/ip/resolv.c:1458:17: note: change the argument to
      be the free space in the destination buffer minus the
      terminating null byte
                sizeof(resolv_hostname) - strlen(resolv_hostname));
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                sizeof(resolv_hostname) - strlen(resolv_hostname) - 1

Signed-off-by: Joakim Gebart <joakim.gebart@eistec.se>
2014-10-02 12:52:39 +02:00
Adam Dunkels
49cb87025e README file for the IP64 module 2014-09-14 21:26:33 +02:00
Adam Dunkels
c77bc6d3f1 NAT64 / DNS64 code for Contiki that makes connecting an IPv6 Contiki network to IPv4 networks really easy 2014-09-14 21:26:23 +02:00
Laurent Deru
7cbd59df03 Add per neighbor packet throttle 2014-08-13 10:11:02 +02:00
Laurent Deru
91d84a3086 Improve csma debug traces 2014-08-13 10:11:02 +02:00
Laurent Deru
68b9412776 Drop packet if there are not enough free buffers to perform fragmentation 2014-08-13 10:11:02 +02:00
Laurent Deru
704e32015b Fix too short 6LoWPAN reassembly timeout 2014-08-06 16:56:37 +02:00
kkrentz
677c078302 sicslowpan: Fixed too aggresive fragmentation 2014-08-05 05:07:06 -07:00
kkrentz
2cf7d98cad ContikiMAC: Create and parse ContikiMAC header in special framer; Expanded framer interface
to allow for creating and securing frames in advance; Create and secure frames in advance when sending bursts; Do neither recreate nor resecure frames that come from phase
2014-08-05 05:07:06 -07:00
kkrentz
515287ef17 llsec: Removed superseded NETSTACK_ENCRYPT, NETSTACK_DECRYPT, and
NETSTACK_ENCRYPTION_INIT macros
2014-08-05 05:07:05 -07:00
kkrentz
c032b67969 llsec: Noncompromise-resilient 802.15.4 security 2014-08-05 05:07:05 -07:00
kkrentz
d8851df858 llsec: Replay protection 2014-08-05 05:07:05 -07:00
kkrentz
41c5dbf961 llsec: Disable duplicate detection when the LLSEC driver provides replay protection anyway. 2014-08-05 05:07:05 -07:00
kkrentz
d161ffcb64 llsec: Allow for sharing CCM* 2014-08-05 05:07:05 -07:00
kkrentz
13d9510715 llsec: Allow for sharing AES-128 2014-08-05 05:07:04 -07:00
kkrentz
07ef46a6e2 llsec: Allow for sharing endianness functions 2014-08-05 05:04:15 -07:00
kkrentz
eaae9f1100 llsec: Calling NETSTACK_LLSEC.on_frame_created() 2014-08-05 05:04:15 -07:00
kkrentz
8659c97fb0 framer-802154: Support for explicit keys 2014-08-05 05:04:15 -07:00
kkrentz
124dde25f3 framer-802154: Conditional compilation of security-related code 2014-08-05 05:04:14 -07:00
kkrentz
fb6d2270ab framer-802154: Simplification of frame802154_create 2014-08-05 05:04:14 -07:00
kkrentz
11495a011c framer-802154: Renamed variable for the sake of consistency 2014-08-05 05:04:14 -07:00
kkrentz
1d324e50d2 framer-802154: Sequence number fix 2014-08-05 05:04:14 -07:00
kkrentz
9dc9e4bd9f framer-802154: Support for setting and accessing the frame type
attribute
2014-08-05 05:04:14 -07:00
kkrentz
19c9ef0a95 framer-802154: Support for creating and parsing frames with security headers 2014-08-05 05:04:14 -07:00
kkrentz
be22883724 framer-802154: Introduced mnemonic variable 2014-08-05 05:04:14 -07:00
kkrentz
c9ad9c04bd framer-802154: Style fixes 2014-08-04 01:09:57 -07:00
kkrentz
a5a9b42457 packetbuf: Made packetbuf_hdrlen applicable to inbound packets, too 2014-08-04 01:09:57 -07:00
kkrentz
bb74fc320f llsec: Configuration option for defining a constant LoWPAN-wide security level 2014-08-04 01:09:57 -07:00
kkrentz
c396a85364 llsec: Added a layer in between NETSTACK_MAC and NETSTACK_NETWORK for implementing link layer security 2014-08-04 01:09:57 -07:00
Adam Dunkels
62b8aafb03 Merge pull request #722 from royscheefhals/contiki-fix
char * data to void * data parameter in process_start
2014-07-28 22:04:36 +02:00
Nicolas Tsiftes
582bfcb8c6 Merge pull request #696 from sieben/doc
Correct several doxygen tags (\file,...)
2014-07-28 11:42:41 +02:00
Rémy Léone
8c3fa17ec0 Correct several doxygen tags (\file) 2014-07-28 11:11:45 +02:00
Enrico Joerns
1654152193 [core] timer: Added note that timer_reset must not be executed before timer expired
Should save some users debugging time while adding no computation overhead
that would be needed for range checks
2014-07-10 11:33:00 +02:00
Nicolas Tsiftes
ccc75404f4 Merge pull request #711 from gebart/upstream-fix-implicit-definitions
uip.h missing #include <string.h>
2014-07-02 16:36:03 +02:00
Rémy Léone
f111058472 Removing trailing whitespaces 2014-06-30 20:01:05 +02:00
Laurent Deru
02972e6514 Improve RPL hop-by-hop option detection 2014-06-27 09:45:57 +02:00
Laurent Deru
d45782fbcd Insert properly Hop-by-Hop option at first hop 2014-06-27 09:45:51 +02:00
Laurent Deru
2dfe2c377f Setting uip_ext_len again breaks hop-by-hop option 2014-06-27 09:43:53 +02:00
Laurent Deru
b6742e5eb5 Sender rank in Hop-by-Hop option has inverted bytes 2014-06-27 09:43:53 +02:00
George Oikonomou
32a7572f25 Fix SDCC Compile Error 2014-06-17 22:20:49 +01:00
Nicolas Tsiftes
24e260910c Merge pull request #718 from g-oikonomou/rpl-dodagid-compliance
Make DODAG ID selection RFC 6550-compliant
2014-06-13 15:33:56 +02:00
Nicolas Tsiftes
4ce3e4dee8 Merge pull request #701 from tim-ist/routing_fix
Re-create a routing table entry if the next hop is changed.
2014-06-13 14:56:56 +02:00
Timofei Istomin
65ef375bdb Re-create a routing table entry if the next hop is changed.
The next-hop address did not get updated in the routing table
in case an entry for the destination already existed.

This patch resolves the issue by removing the entry and
having it re-created from scratch.

The issue causes a routing error triggering reconstruction of
the DODAG through version increase.

In case of somewhat frequent downward traffic in not (yet) stabilized DODAG
a vicious circle is formed: unstable topology means churn, downward
routing under churn causes reconstruction of DODAG. In this situation
the network does not have chance to stabilize.

We encountered a constant churn caused by this bug
in a network of 50 nodes and a periodic traffic (a packet every 5
seconds) generated at the root.

More info and a PCAP demonstrating the issue can be found here:
https://github.com/contiki-os/contiki/issues/496
2014-06-13 13:31:15 +02:00
Roy Scheefhals
1058ea986a Changed the parameter 'char * data' of process_start to the
type process_data_t. This was an artifact when the choice was
made to use the void * type for the data parameter in processes.

Changed parameter 'void * data' of process_post_synch to
process_data_t for consistency.

Checked all the uses of process_start() in contiki and fixed casts
of the data parameter.
2014-06-12 13:40:28 +02:00
George Oikonomou
32bc98b0da Fix code style in rpl_set_root prototype 2014-06-11 23:59:17 +01:00
Adam Dunkels
cff30a394b Merge pull request #635 from nfi/linkaddr-size
Use LINKADDR_SIZE instead of sizeof(linkaddr_t) to avoid struct padding problems.
2014-06-11 23:18:27 +02:00
Adam Dunkels
eceaf0c59b Merge pull request #631 from nfi/framer-len
Added function to framer that returns the estimated header length
2014-06-11 23:17:47 +02:00
Adam Dunkels
0516927677 Merge pull request #666 from simonduq/rpl-etx-init
Set initial link ETX to 2
2014-06-11 22:42:48 +02:00
Adam Dunkels
def57199b9 Merge pull request #511 from ADVANSEE/leds
leds: Fixes and enhancements
2014-06-11 22:37:34 +02:00
Nicolas Tsiftes
40d33657a3 Merge pull request #710 from nvt/coffee-filename-fix
Coffee: Copy the correct number of bytes in filenames
2014-06-11 18:10:12 +02:00