Skip to content

Commit

Permalink
Heap-allocate memory for JSON string escaping
Browse files Browse the repository at this point in the history
Fixes "escape_json_string:179 buffer size too small (199)" from /state.json when the command line used to run minisatip is longer than 200 characters (happens easily if all paths must be overriden)
  • Loading branch information
Jalle19 committed Aug 6, 2024
1 parent e8db6c0 commit eef839f
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 15 deletions.
23 changes: 10 additions & 13 deletions src/api/variables.c
Original file line number Diff line number Diff line change
Expand Up @@ -183,12 +183,10 @@ int escape_json_string(char *dest, int dl, char *src, int sl) {
return j;
}

int get_json_state(char *buf, int len) {
int get_json_state(char *buf, int len, char *sbuf, int slen) {
int ptr = 0, first = 1, i, j, off, string;
_symbols *p;
char escape[200]; // string variable max len

memset(escape, 0, sizeof(escape));
strlcatf(buf, len, ptr, "{\n");
for (i = 0; sym[i] != NULL; i++) {
for (j = 0; sym[i][j].name; j++) {
Expand All @@ -207,10 +205,10 @@ int get_json_state(char *buf, int len) {
if (p->type < VAR_ARRAY) {
if (string) {
int len2 =
snprintf_pointer(escape, sizeof(escape) - 1, p->type,
snprintf_pointer(sbuf, slen - 1, p->type,
p->addr, p->multiplier);
ptr +=
escape_json_string(buf + ptr, len - ptr, escape, len2);
escape_json_string(buf + ptr, len - ptr, sbuf, len2);
} else
ptr += snprintf_pointer(buf + ptr, len - ptr, p->type,
p->addr, p->multiplier);
Expand All @@ -221,9 +219,9 @@ int get_json_state(char *buf, int len) {
strlcatf(buf, len, ptr, ",");
if (string) {
int len2 = snprintf_pointer(
escape, sizeof(escape) - 1, p->type,
sbuf, slen - 1, p->type,
((char *)p->addr) + off + p->skip, p->multiplier);
ptr += escape_json_string(buf + ptr, len - ptr, escape,
ptr += escape_json_string(buf + ptr, len - ptr, sbuf,
len2);
} else
ptr += snprintf_pointer(
Expand All @@ -239,9 +237,9 @@ int get_json_state(char *buf, int len) {
strlcatf(buf, len, ptr, ",");
if (string) {
int len2 = snprintf_pointer(
escape, sizeof(escape) - 1, p->type,
sbuf, slen - 1, p->type,
p1[off] ? p1[off] + p->skip : zero, p->multiplier);
ptr += escape_json_string(buf + ptr, len - ptr, escape,
ptr += escape_json_string(buf + ptr, len - ptr, sbuf,
len2);
} else
ptr += snprintf_pointer(
Expand Down Expand Up @@ -275,12 +273,11 @@ int get_json_state(char *buf, int len) {
get_data_string funs = (get_data_string)p->addr;
strlcatf(buf, len, ptr, "[");
for (off = 0; off < p->len; off++) {
memset(escape, 0, sizeof(escape));
funs(off, escape, sizeof(escape) - 1);
memset(sbuf, 0, slen);
funs(off, sbuf, slen - 1);
if (off > 0)
strlcatf(buf, len, ptr, ",");
ptr += escape_json_string(buf + ptr, len - ptr, escape,
strlen(escape));
ptr += escape_json_string(buf + ptr, len - ptr, sbuf, slen);
}
strlcatf(buf, len, ptr, "]");
// LOG("func_str -> %s", buf);
Expand Down
3 changes: 2 additions & 1 deletion src/api/variables.h
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@

#define JSON_STATE_MAXLEN (256 * 1024)
#define JSON_BANDWIDTH_MAXLEN 1024
#define JSON_STRING_MAXLEN 1024

typedef int (*get_data_int)(int p);
typedef int64_t (*get_data_int64)(int p);
Expand All @@ -57,7 +58,7 @@ void *get_var_address(char *var, float *multiplier, int *type, void *storage,
int ls);

int escape_json_string(char *dest, int dl, char *src, int sl);
int get_json_state(char *buf, int len);
int get_json_state(char *buf, int len, char *sbuf, int slen);
int get_json_bandwidth(char *buf, int len);

#endif
6 changes: 5 additions & 1 deletion src/minisatip.c
Original file line number Diff line number Diff line change
Expand Up @@ -1589,13 +1589,17 @@ int read_http(sockets *s) {

if (strcmp(arg[1], "/state.json") == 0) {
char *buf = _malloc(JSON_STATE_MAXLEN);
int len = get_json_state(buf, JSON_STATE_MAXLEN);
char *sbuf = _malloc(JSON_STRING_MAXLEN);
memset(sbuf, 0, JSON_STRING_MAXLEN);
int len =
get_json_state(buf, JSON_STATE_MAXLEN, sbuf, JSON_STRING_MAXLEN);
http_response(s, 200,
"Content-Type: application/json\r\n"
"Connection: close\r\n"
"Access-Control-Allow-Origin: *",
buf, 0, len);
_free(buf);
_free(sbuf);
return 0;
}

Expand Down

0 comments on commit eef839f

Please sign in to comment.