Sanitize SSID and SSID length

project-chip · Sep 3, 2024 · 523c9cf · 523c9cf
1 parent dd94fbc
commit 523c9cf
Show file tree

Hide file tree

Showing 8 changed files with 115 additions and 92 deletions.
diff --git a/examples/platform/silabs/SiWx917/SiWx917/sl_wifi_if.cpp b/examples/platform/silabs/SiWx917/SiWx917/sl_wifi_if.cpp
@@ -36,8 +36,11 @@
 #include "task.h"
 #include "wfx_host_events.h"
 #include "wfx_rsi.h"
+
 #include <app/icd/server/ICDServerConfig.h>
 #include <inet/IPAddress.h>
+#include <lib/support/CHIPMem.h>
+#include <lib/support/CHIPMemString.h>
 #include <lib/support/logging/CHIPLogging.h>
 
 extern "C" {
@@ -163,8 +166,10 @@ int32_t wfx_rsi_get_ap_info(wfx_wifi_scan_result_t * ap)
 {
     sl_status_t status = SL_STATUS_OK;
     int32_t rssi       = 0;
+    ap->ssid_length    = wfx_rsi.sec.ssid_length;
     ap->security       = wfx_rsi.sec.security;
     ap->chan           = wfx_rsi.ap_chan;
+    chip::Platform::CopyString(ap->ssid, ap->ssid_length, wfx_rsi.sec.ssid);
     memcpy(&ap->bssid[0], &wfx_rsi.ap_mac.octet[0], BSSID_LEN);
     sl_wifi_get_signal_strength(SL_WIFI_CLIENT_INTERFACE, &rssi);
     ap->rssi = rssi;
@@ -196,14 +201,14 @@ int32_t wfx_rsi_get_ap_ext(wfx_wifi_scan_ext_t * extra_info)
 }
 
 /******************************************************************
- * @fn   int32_t wfx_rsi_reset_count()
+ * @fn   int32_t wfx_rsi_reset_count(void)
  * @brief
  *       Getting the driver reset count
  * @param[in] None
  * @return
  *        status
  *********************************************************************/
-int32_t wfx_rsi_reset_count()
+int32_t wfx_rsi_reset_count(void)
 {
     sl_wifi_statistics_t test = { 0 };
     sl_status_t status        = SL_STATUS_OK;
@@ -220,14 +225,14 @@ int32_t wfx_rsi_reset_count()
 }
 
 /******************************************************************
- * @fn   wfx_rsi_disconnect()
+ * @fn   wfx_rsi_disconnect(void)
  * @brief
  *       Getting the driver disconnect status
  * @param[in] None
  * @return
  *        status
  *********************************************************************/
-int32_t wfx_rsi_disconnect()
+int32_t wfx_rsi_disconnect(void)
 {
     return sl_wifi_disconnect(SL_WIFI_CLIENT_INTERFACE);
 }
@@ -533,7 +538,9 @@ sl_status_t show_scan_results(sl_wifi_scan_result_t * scan_result)
     for (int idx = 0; idx < (int) scan_result->scan_count; idx++)
     {
         memset(&cur_scan_result, 0, sizeof(cur_scan_result));
-        strncpy(cur_scan_result.ssid, (char *) &scan_result->scan_info[idx].ssid, WFX_MAX_SSID_LENGTH);
+
+        cur_scan_result.ssid_length = strnlen((char *) &scan_result->scan_info[idx].ssid, WFX_MAX_SSID_LENGTH);
+        chip::Platform::CopyString(cur_scan_result.ssid, cur_scan_result.ssid_length, (char *) &scan_result->scan_info[idx].ssid);
 
         // if user has provided ssid, then check if the current scan result ssid matches the user provided ssid
         if (wfx_rsi.scan_ssid != NULL && strcmp(wfx_rsi.scan_ssid, cur_scan_result.ssid) != CMP_SUCCESS)
@@ -556,10 +563,10 @@ sl_status_t show_scan_results(sl_wifi_scan_result_t * scan_result)
     // cleanup and return
     wfx_rsi.dev_state &= ~WFX_RSI_ST_SCANSTARTED;
     wfx_rsi.scan_cb((wfx_wifi_scan_result_t *) 0);
-    wfx_rsi.scan_cb = NULL;
+    wfx_rsi.scan_cb = nullptr;
     if (wfx_rsi.scan_ssid)
     {
-        vPortFree(wfx_rsi.scan_ssid);
+        chip::Platform::MemoryFree(wfx_rsi.scan_ssid);
         wfx_rsi.scan_ssid = NULL;
     }
     return SL_STATUS_OK;
@@ -573,14 +580,14 @@ sl_status_t bg_scan_callback_handler(sl_wifi_event_t event, sl_wifi_scan_result_
     return SL_STATUS_OK;
 }
 /***************************************************************************************
- * @fn   static void wfx_rsi_save_ap_info()
+ * @fn   static void wfx_rsi_save_ap_info(void)
  * @brief
  *       Saving the details of the AP
  * @param[in]  None
  * @return
  *       None
  *******************************************************************************************/
-static void wfx_rsi_save_ap_info() // translation
+static void wfx_rsi_save_ap_info(void) // translation
 {
     sl_status_t status = SL_STATUS_OK;
 #ifndef EXP_BOARD
@@ -589,8 +596,8 @@ static void wfx_rsi_save_ap_info() // translation
 #endif
     sl_wifi_ssid_t ssid_arg;
     memset(&ssid_arg, 0, sizeof(ssid_arg));
-    ssid_arg.length = strnlen(wfx_rsi.sec.ssid, WFX_MAX_SSID_LENGTH);
-    strncpy((char *) &ssid_arg.value[0], wfx_rsi.sec.ssid, WFX_MAX_SSID_LENGTH);
+    ssid_arg.length = wfx_rsi.sec.ssid_length;
+    chip::Platform::CopyString((char *) &ssid_arg.value[0], ssid_arg.length, wfx_rsi.sec.ssid);
     sl_wifi_set_scan_callback(scan_callback_handler, NULL);
     scan_results_complete = false;
 #ifndef EXP_BOARD
@@ -616,7 +623,7 @@ static sl_status_t wfx_rsi_do_join(void)
     sl_status_t status = SL_STATUS_OK;
     sl_wifi_client_configuration_t ap;
     memset(&ap, 0, sizeof(ap));
-    WfxEvent_t event;
+
     switch (wfx_rsi.sec.security)
     {
     case WFX_SEC_WEP:
@@ -659,19 +666,17 @@ static sl_status_t wfx_rsi_do_join(void)
     status = sl_wifi_set_advanced_client_configuration(SL_WIFI_CLIENT_INTERFACE, &client_config);
     VerifyOrReturnError(status == SL_STATUS_OK, status);
 #endif // CHIP_CONFIG_ENABLE_ICD_SERVER
-    size_t psk_length = strlen(wfx_rsi.sec.passkey);
-    VerifyOrReturnError(psk_length <= SL_WIFI_MAX_PSK_LENGTH, SL_STATUS_SI91X_INVALID_PSK_LENGTH);
     sl_net_credential_id_t id = SL_NET_DEFAULT_WIFI_CLIENT_CREDENTIAL_ID;
-    status                    = sl_net_set_credential(id, SL_NET_WIFI_PSK, &wfx_rsi.sec.passkey[0], psk_length);
+    status                    = sl_net_set_credential(id, SL_NET_WIFI_PSK, &wfx_rsi.sec.passkey[0], wfx_rsi.sec.passkey_length);
     VerifyOrReturnError(status == SL_STATUS_OK, status);
 
     uint32_t timeout_ms = 0;
-    ap.ssid.length      = strnlen(wfx_rsi.sec.ssid, WFX_MAX_SSID_LENGTH);
+    ap.ssid.length      = wfx_rsi.sec.ssid_length;
     ap.encryption       = SL_WIFI_NO_ENCRYPTION;
     ap.credential_id    = id;
-    memset(&ap.ssid.value, 0, (sizeof(ap.ssid.value) / sizeof(ap.ssid.value[0])));
-    strncpy((char *) &ap.ssid.value[0], wfx_rsi.sec.ssid, WFX_MAX_SSID_LENGTH);
+    memcpy((char *) &ap.ssid.value[0], wfx_rsi.sec.ssid, wfx_rsi.sec.ssid_length);
     ChipLogDetail(DeviceLayer, "wfx_rsi_do_join: SSID: %s, SECURITY: %d(%d)", ap.ssid.value, ap.security, wfx_rsi.sec.security);
+
     status = sl_wifi_connect(SL_WIFI_CLIENT_INTERFACE, &ap, timeout_ms);
     // sl_wifi_connect returns SL_STATUS_IN_PROGRESS if join is in progress
     // after the initial scan is done, the scan does not check for SSID
@@ -684,8 +689,11 @@ static sl_status_t wfx_rsi_do_join(void)
     wfx_rsi.dev_state &= ~(WFX_RSI_ST_STA_CONNECTING | WFX_RSI_ST_STA_CONNECTED);
     ChipLogProgress(DeviceLayer, "wfx_rsi_do_join: retry attempt %d", wfx_rsi.join_retries);
     wfx_retry_connection(++wfx_rsi.join_retries);
+
+    WfxEvent_t event;
     event.eventType = WFX_EVT_STA_START_JOIN;
     WfxPostEvent(&event);
+
     return status;
 }
 

diff --git a/examples/platform/silabs/SiWx917/SiWx917/wfx_rsi_host.cpp b/examples/platform/silabs/SiWx917/SiWx917/wfx_rsi_host.cpp
@@ -163,7 +163,8 @@ void wfx_clear_wifi_provision(void)
 sl_status_t wfx_connect_to_ap(void)
 {
     VerifyOrReturnError(wfx_rsi.dev_state & WFX_RSI_ST_STA_PROVISIONED, SL_STATUS_INVALID_CONFIGURATION);
-    VerifyOrReturnError(strlen(wfx_rsi.sec.ssid) <= WFX_MAX_SSID_LENGTH, SL_STATUS_HAS_OVERFLOWED);
+    VerifyOrReturnError(wfx_rsi.sec.ssid_length, SL_STATUS_INVALID_CREDENTIALS);
+    VerifyOrReturnError(wfx_rsi.sec.ssid_length <= WFX_MAX_SSID_LENGTH, SL_STATUS_HAS_OVERFLOWED);
     ChipLogProgress(DeviceLayer, "connect to access point: %s", wfx_rsi.sec.ssid);
     WfxEvent_t event;
     event.eventType = WFX_EVT_STA_START_JOIN;
@@ -345,10 +346,10 @@ bool wfx_start_scan(char * ssid, void (*callback)(wfx_wifi_scan_result_t *))
     wfx_rsi.scan_cb = callback;
 
     VerifyOrReturnError(ssid != nullptr, false);
-    size_t ssid_len   = strnlen(ssid, WFX_MAX_SSID_LENGTH);
-    wfx_rsi.scan_ssid = reinterpret_cast<char *>(chip::Platform::MemoryAlloc(ssid_len + 1));
+    wfx_rsi.scan_ssid_length = strnlen(ssid, WFX_MAX_SSID_LENGTH);
+    wfx_rsi.scan_ssid        = reinterpret_cast<char *>(chip::Platform::MemoryAlloc(wfx_rsi.scan_ssid_length));
     VerifyOrReturnError(wfx_rsi.scan_ssid != nullptr, false);
-    strncpy(wfx_rsi.scan_ssid, ssid, WFX_MAX_SSID_LENGTH);
+    chip::Platform::CopyString(wfx_rsi.scan_ssid, wfx_rsi.scan_ssid_length, ssid);
 
     WfxEvent_t event;
     event.eventType = WFX_EVT_SCAN;

diff --git a/examples/platform/silabs/efr32/rs911x/rsi_if.c b/examples/platform/silabs/efr32/rs911x/rsi_if.c
@@ -132,7 +132,7 @@ static void StartDHCPTimer(uint32_t timeout)
  *********************************************************************/
 int32_t wfx_rsi_get_ap_info(wfx_wifi_scan_result_t * ap)
 {
-    int32_t status;
+    int32_t status = RSI_SUCCESS;
     uint8_t rssi;
     ap->security = wfx_rsi.sec.security;
     ap->chan     = wfx_rsi.ap_chan;
@@ -161,18 +161,16 @@ int32_t wfx_rsi_get_ap_ext(wfx_wifi_scan_ext_t * extra_info)
     if (status != RSI_SUCCESS)
     {
         SILABS_LOG("Failed, Error Code : 0x%lX", status);
+        return status;
     }
-    else
-    {
-        rsi_wlan_ext_stats_t * test   = (rsi_wlan_ext_stats_t *) buff;
-        extra_info->beacon_lost_count = test->beacon_lost_count - temp_reset.beacon_lost_count;
-        extra_info->beacon_rx_count   = test->beacon_rx_count - temp_reset.beacon_rx_count;
-        extra_info->mcast_rx_count    = test->mcast_rx_count - temp_reset.mcast_rx_count;
-        extra_info->mcast_tx_count    = test->mcast_tx_count - temp_reset.mcast_tx_count;
-        extra_info->ucast_rx_count    = test->ucast_rx_count - temp_reset.ucast_rx_count;
-        extra_info->ucast_tx_count    = test->ucast_tx_count - temp_reset.ucast_tx_count;
-        extra_info->overrun_count     = test->overrun_count - temp_reset.overrun_count;
-    }
+    rsi_wlan_ext_stats_t * test   = (rsi_wlan_ext_stats_t *) buff;
+    extra_info->beacon_lost_count = test->beacon_lost_count - temp_reset.beacon_lost_count;
+    extra_info->beacon_rx_count   = test->beacon_rx_count - temp_reset.beacon_rx_count;
+    extra_info->mcast_rx_count    = test->mcast_rx_count - temp_reset.mcast_rx_count;
+    extra_info->mcast_tx_count    = test->mcast_tx_count - temp_reset.mcast_tx_count;
+    extra_info->ucast_rx_count    = test->ucast_rx_count - temp_reset.ucast_rx_count;
+    extra_info->ucast_tx_count    = test->ucast_tx_count - temp_reset.ucast_tx_count;
+    extra_info->overrun_count     = test->overrun_count - temp_reset.overrun_count;
     return status;
 }
 
@@ -192,18 +190,16 @@ int32_t wfx_rsi_reset_count()
     if (status != RSI_SUCCESS)
     {
         SILABS_LOG("Failed, Error Code : 0x%lX", status);
+        return status;
     }
-    else
-    {
-        rsi_wlan_ext_stats_t * test  = (rsi_wlan_ext_stats_t *) buff;
-        temp_reset.beacon_lost_count = test->beacon_lost_count;
-        temp_reset.beacon_rx_count   = test->beacon_rx_count;
-        temp_reset.mcast_rx_count    = test->mcast_rx_count;
-        temp_reset.mcast_tx_count    = test->mcast_tx_count;
-        temp_reset.ucast_rx_count    = test->ucast_rx_count;
-        temp_reset.ucast_tx_count    = test->ucast_tx_count;
-        temp_reset.overrun_count     = test->overrun_count;
-    }
+    rsi_wlan_ext_stats_t * test  = (rsi_wlan_ext_stats_t *) buff;
+    temp_reset.beacon_lost_count = test->beacon_lost_count;
+    temp_reset.beacon_rx_count   = test->beacon_rx_count;
+    temp_reset.mcast_rx_count    = test->mcast_rx_count;
+    temp_reset.mcast_tx_count    = test->mcast_tx_count;
+    temp_reset.ucast_rx_count    = test->ucast_rx_count;
+    temp_reset.ucast_tx_count    = test->ucast_tx_count;
+    temp_reset.overrun_count     = test->overrun_count;
     return status;
 }
 
@@ -217,8 +213,7 @@ int32_t wfx_rsi_reset_count()
  *********************************************************************/
 int32_t wfx_rsi_disconnect()
 {
-    int32_t status = rsi_wlan_disconnect();
-    return status;
+    return rsi_wlan_disconnect();
 }
 
 #if SL_ICD_ENABLED
@@ -275,18 +270,17 @@ static void wfx_rsi_join_cb(uint16_t status, const uint8_t * buf, const uint16_t
          */
         SILABS_LOG("wfx_rsi_join_cb: failed. retry: %d", wfx_rsi.join_retries);
         wfx_retry_connection(++wfx_rsi.join_retries);
+        return;
     }
-    else
-    {
-        /*
-         * Join was complete - Do the DHCP
-         */
-        SILABS_LOG("wfx_rsi_join_cb: success");
-        memset(&temp_reset, 0, sizeof(wfx_wifi_scan_ext_t));
-        WfxEvent.eventType = WFX_EVT_STA_CONN;
-        WfxPostEvent(&WfxEvent);
-        wfx_rsi.join_retries = 0;
-    }
+
+    /*
+     * Join was complete - Do the DHCP
+     */
+    SILABS_LOG("wfx_rsi_join_cb: success");
+    memset(&temp_reset, 0, sizeof(wfx_wifi_scan_ext_t));
+    WfxEvent.eventType = WFX_EVT_STA_CONN;
+    WfxPostEvent(&WfxEvent);
+    wfx_rsi.join_retries = 0;
 }
 
 /******************************************************************
@@ -453,7 +447,7 @@ static int32_t wfx_rsi_init(void)
  * @return
  *       None
  *******************************************************************************************/
-static void wfx_rsi_save_ap_info() // translation
+static void wfx_rsi_save_ap_info(void) // translation
 {
     int32_t status;
     rsi_rsp_scan_t rsp;
@@ -707,29 +701,42 @@ void ProcessEvent(WfxEvent_t inEvent)
             SILABS_LOG("rsi_wlan_bgscan failed: %02x ", status);
             return;
         }
+
+        if (wfx_rsi.scan_cb == NULL)
+        {
+            return;
+        }
+
         rsi_scan_info_t * scan;
         wfx_wifi_scan_result_t ap;
+
         for (int x = 0; x < scan_rsp.scan_count[0]; x++)
         {
             scan = &scan_rsp.scan_info[x];
-            // is it a scan all or target scan
-            if (!wfx_rsi.scan_ssid || (wfx_rsi.scan_ssid && strcmp(wfx_rsi.scan_ssid, (char *) scan->ssid) == CMP_SUCCESS))
+            // clear structure and calculate size of SSID
+            memset(&ap, 0, sizeof(ap));
+            ap.ssid_length = strnlen((char *) scan->ssid, WFX_MAX_SSID_LENGTH);
+            strncpy(ap.ssid, (char *) scan->ssid, ap.ssid_length);
+            // assure null termination of scanned SSID
+            ap.ssid[ap.ssid_length - 1] = 0;
+            ap.security                 = scan->security_mode;
+            ap.rssi                     = (-1) * scan->rssi_val;
+
+            configASSERT(sizeof(ap.bssid) == BSSID_LEN);
+            configASSERT(sizeof(scan->bssid) == BSSID_LEN);
+            memcpy(ap.bssid, scan->bssid, BSSID_LEN);
+
+            // no ssid filter set, return all results
+            if (wfx_rsi.scan_ssid_length == 0)
             {
-                // clear structure and calculate size of SSID
-                memset(&ap, 0, sizeof(ap));
-                strncpy(ap.ssid, (char *) scan->ssid, strnlen((const char *) scan->ssid, WFX_MAX_SSID_LENGTH));
-                ap.security = scan->security_mode;
-                ap.rssi     = (-1) * scan->rssi_val;
-
-                configASSERT(sizeof(ap.bssid) == BSSID_LEN);
-                configASSERT(sizeof(scan->bssid) == BSSID_LEN);
-                memcpy(ap.bssid, scan->bssid, BSSID_LEN);
                 (*wfx_rsi.scan_cb)(&ap);
-
-                if (wfx_rsi.scan_ssid)
-                {
-                    break; // we found the targeted ssid.
-                }
+                continue;
+            }
+            // check if the scanned ssid is the one we are looking for
+            else if (strcmp(wfx_rsi.scan_ssid, ap.ssid) == CMP_SUCCESS)
+            {
+                (*wfx_rsi.scan_cb)(&ap);
+                break; // we found the targeted ssid.
             }
         }