diff --git a/mbus/mbus-protocol-aux.c b/mbus/mbus-protocol-aux.c index 84ea5a5..25b5a80 100644 --- a/mbus/mbus-protocol-aux.c +++ b/mbus/mbus-protocol-aux.c @@ -707,6 +707,12 @@ int mbus_fixed_normalize(int medium_unit, long medium_value, char **unit_out, do double exponent = 0.0; int i; medium_unit = medium_unit & 0x3F; + + if (unit_out == NULL || value_out == NULL || quantity_out == NULL) + { + MBUS_ERROR("%s: Invalid parameter.\n", __PRETTY_FUNCTION__); + return -1; + } switch (medium_unit) { @@ -909,6 +915,12 @@ mbus_vif_unit_normalize(int vif, double value, char **unit_out, double *value_ou int i; + if (unit_out == NULL || value_out == NULL || quantity_out == NULL) + { + MBUS_ERROR("%s: Invalid parameter.\n", __PRETTY_FUNCTION__); + return -1; + } + for(i=0; vif_table[i].vif < 0xfff; ++i) { if (vif_table[i].vif == newVif) @@ -932,6 +944,7 @@ int mbus_vib_unit_normalize(mbus_value_information_block *vib, double value, char **unit_out, double *value_out, char **quantity_out) { MBUS_DEBUG("%s: vib_unit_normalize - VIF=0x%02X\n", __PRETTY_FUNCTION__, vib->vif); + if (vib->vif == 0xFD) /* first type of VIF extention: see table 8.4.4 a */ { if (vib->nvife == 0) @@ -1007,30 +1020,33 @@ mbus_record_new() void mbus_record_free(mbus_record * rec) { - if (! rec->is_numeric) + if (rec) { - free((rec->value).str_val.value); - (rec->value).str_val.value = NULL; + if (! rec->is_numeric) + { + free((rec->value).str_val.value); + (rec->value).str_val.value = NULL; + } + + if (rec->unit) + { + free(rec->unit); + rec->unit = NULL; + } + + if (rec->function_medium) + { + free(rec->function_medium); + rec->function_medium = NULL; + } + + if (rec->quantity) + { + free(rec->quantity); + rec->quantity = NULL; + } + free(rec); } - - if (rec->unit) - { - free(rec->unit); - rec->unit = NULL; - } - - if (rec->function_medium) - { - free(rec->function_medium); - rec->function_medium = NULL; - } - - if (rec->quantity) - { - free(rec->quantity); - rec->quantity = NULL; - } - free(rec); } @@ -1079,6 +1095,12 @@ mbus_parse_variable_record(mbus_data_record *data) char * value_out_str = NULL; int value_out_str_size = 0; double real_val = 0.0; /**< normalized value */ + + if (data == NULL) + { + MBUS_ERROR("%s: Invalid record.\n", __PRETTY_FUNCTION__); + return NULL; + } if (!(record = mbus_record_new())) { @@ -1773,6 +1795,12 @@ mbus_probe_secondary_address(mbus_handle * handle, const char *mask, char *match int mbus_read_slave(mbus_handle * handle, mbus_address *address, mbus_frame * reply) { + if (handle == NULL || address == NULL) + { + MBUS_ERROR("%s: Invalid handle or address.\n", __PRETTY_FUNCTION__); + return -1; + } + if (address->is_primary) { if (mbus_send_request_frame(handle, address->primary) == -1) @@ -1846,6 +1874,12 @@ mbus_scan_2nd_address_range(mbus_handle * handle, int pos, char *addr_mask) { int i, i_start, i_end, probe_ret; char *mask, matching_mask[17]; + + if (handle == NULL || addr_mask == NULL) + { + MBUS_ERROR("%s: Invalid handle or address mask.\n", __PRETTY_FUNCTION__); + return -1; + } if (strlen(addr_mask) != 16) { diff --git a/mbus/mbus-protocol.c b/mbus/mbus-protocol.c index 8a717b4..475a203 100644 --- a/mbus/mbus-protocol.c +++ b/mbus/mbus-protocol.c @@ -620,9 +620,13 @@ mbus_data_str_decode(u_char *dst, const u_char *src, size_t len) size_t i; i = 0; - dst[len] = '\0'; - while(len > 0) { - dst[i++] = src[--len]; + + if (src && dst) + { + dst[len] = '\0'; + while(len > 0) { + dst[i++] = src[--len]; + } } } @@ -639,18 +643,21 @@ mbus_data_bin_decode(u_char *dst, const u_char *src, size_t len, size_t max_len) i = 0; pos = 0; - while((i < len) && ((pos+3) < max_len)) { - pos += snprintf(&dst[pos], max_len - pos, "%.2X ", src[i]); - i++; - } - - if (pos > 0) + if (src && dst) { - // remove last space - pos--; + while((i < len) && ((pos+3) < max_len)) { + pos += snprintf(&dst[pos], max_len - pos, "%.2X ", src[i]); + i++; + } + + if (pos > 0) + { + // remove last space + pos--; + } + + dst[pos] = '\0'; } - - dst[pos] = '\0'; } //------------------------------------------------------------------------------ @@ -661,16 +668,16 @@ mbus_data_bin_decode(u_char *dst, const u_char *src, size_t len, size_t max_len) void mbus_data_tm_decode(struct tm *t, u_char *t_data, size_t t_data_size) { - t->tm_sec = 0; - t->tm_min = 0; - t->tm_hour = 0; - t->tm_mday = 0; - t->tm_mon = 0; - t->tm_year = 0; - t->tm_isdst = 0; - if (t && t_data) { + t->tm_sec = 0; + t->tm_min = 0; + t->tm_hour = 0; + t->tm_mday = 0; + t->tm_mon = 0; + t->tm_year = 0; + t->tm_isdst = 0; + if (t_data_size == 4) // Type F = Compound CP32: Date and Time { if ((t_data[0] & 0x80) == 0) // Time valid ? @@ -1747,6 +1754,9 @@ mbus_vib_unit_lookup(mbus_value_information_block *vib) { static char buff[256]; int n; + + if (vib == NULL) + return ""; if (vib->vif == 0xFD || vib->vif == 0xFB) // first type of VIF extention: see table 8.4.4 { @@ -2965,6 +2975,9 @@ mbus_hex_dump(const char *label, const char *buff, size_t len) char timestamp[21]; size_t i; + if (label == NULL || buff == NULL) + return; + time ( &rawtime ); timeinfo = gmtime ( &rawtime ); @@ -3006,6 +3019,9 @@ mbus_str_xml_encode(u_char *dst, const u_char *src, size_t max_len) i = 0; len = 0; + if (dst == NULL) + return; + if (src != NULL) { while((len+6) < max_len) diff --git a/mbus/mbus-serial.c b/mbus/mbus-serial.c index 784bfa0..c0e009e 100644 --- a/mbus/mbus-serial.c +++ b/mbus/mbus-serial.c @@ -224,6 +224,9 @@ mbus_serial_recv_frame(mbus_serial_handle *handle, mbus_frame *frame) { char buff[PACKET_BUFF_SIZE]; int len, remaining, nread; + + if (handle == NULL || frame == NULL) + return -1; bzero((void *)buff, sizeof(buff)); diff --git a/mbus/mbus-tcp.c b/mbus/mbus-tcp.c index 2911e89..c718413 100644 --- a/mbus/mbus-tcp.c +++ b/mbus/mbus-tcp.c @@ -165,6 +165,9 @@ mbus_tcp_recv_frame(mbus_tcp_handle *handle, mbus_frame *frame) { char buff[PACKET_BUFF_SIZE]; int len, remaining, nread; + + if (handle == NULL || frame == NULL) + return -1; bzero((void *)buff, sizeof(buff));