Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make AutoCommissioner::SetCommissioningParameters safer. #24422

Merged
merged 2 commits into from
Jan 20, 2023
Merged

Make AutoCommissioner::SetCommissioningParameters safer. #24422

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6af4d1d
Make AutoCommissioner::SetCommissioningParameters safer.
bzbarsky-apple Jan 14, 2023
ade65af
Address review comment.
bzbarsky-apple Jan 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 6 additions & 33 deletions src/controller/AutoCommissioner.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,23 +48,13 @@ void AutoCommissioner::SetOperationalCredentialsDelegate(OperationalCredentialsD
CHIP_ERROR AutoCommissioner::SetCommissioningParameters(const CommissioningParameters & params)
{
mParams = params;
if (params.GetFailsafeTimerSeconds().HasValue())
{
ChipLogProgress(Controller, "Setting failsafe timer from parameters");
mParams.SetFailsafeTimerSeconds(params.GetFailsafeTimerSeconds().Value());
}

if (params.GetCASEFailsafeTimerSeconds().HasValue())
{
ChipLogProgress(Controller, "Setting CASE failsafe timer from parameters");
mParams.SetCASEFailsafeTimerSeconds(params.GetCASEFailsafeTimerSeconds().Value());
}
// Make sure any members that point to buffers that we are not pointing to
// our own buffers are not going to dangle.
mParams.ClearExternalBufferDependentValues();
bzbarsky-apple marked this conversation as resolved.
Show resolved Hide resolved

if (params.GetAdminSubject().HasValue())
{
ChipLogProgress(Controller, "Setting adminSubject from parameters");
mParams.SetAdminSubject(params.GetAdminSubject().Value());
}
// For members of params that point to some sort of buffer, we have to copy
// the data over into our own buffers.

if (params.GetThreadOperationalDataset().HasValue())
{
Expand All @@ -79,12 +69,6 @@ CHIP_ERROR AutoCommissioner::SetCommissioningParameters(const CommissioningParam
mParams.SetThreadOperationalDataset(ByteSpan(mThreadOperationalDataset, dataset.size()));
}

if (params.GetAttemptThreadNetworkScan().HasValue())
{
ChipLogProgress(Controller, "Setting attempt thread scan from parameters");
mParams.SetAttemptThreadNetworkScan(params.GetAttemptThreadNetworkScan().Value());
}

if (params.GetWiFiCredentials().HasValue())
{
WiFiCredentials creds = params.GetWiFiCredentials().Value();
Expand All @@ -101,12 +85,6 @@ CHIP_ERROR AutoCommissioner::SetCommissioningParameters(const CommissioningParam
WiFiCredentials(ByteSpan(mSsid, creds.ssid.size()), ByteSpan(mCredentials, creds.credentials.size())));
}

if (params.GetAttemptWiFiNetworkScan().HasValue())
{
ChipLogProgress(Controller, "Setting attempt wifi scan from parameters");
mParams.SetAttemptWiFiNetworkScan(params.GetAttemptWiFiNetworkScan().Value());
}

if (params.GetCountryCode().HasValue())
{
auto code = params.GetCountryCode().Value();
Expand All @@ -118,6 +96,7 @@ CHIP_ERROR AutoCommissioner::SetCommissioningParameters(const CommissioningParam
else
{
ChipLogError(Controller, "Country code is too large: %u", static_cast<unsigned>(code.size()));
return CHIP_ERROR_INVALID_ARGUMENT;
}
}

Expand Down Expand Up @@ -148,12 +127,6 @@ CHIP_ERROR AutoCommissioner::SetCommissioningParameters(const CommissioningParam
}
mParams.SetCSRNonce(ByteSpan(mCSRNonce, sizeof(mCSRNonce)));

if (params.GetSkipCommissioningComplete().HasValue())
{
ChipLogProgress(Controller, "Setting PASE-only commissioning from parameters");
mParams.SetSkipCommissioningComplete(params.GetSkipCommissioningComplete().Value());
}

return CHIP_NO_ERROR;
}

Expand Down
20 changes: 20 additions & 0 deletions src/controller/CommissioningDelegate.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -425,6 +425,26 @@ class CommissioningParameters
return *this;
}

// Clear all members that depend on some sort of external buffer. Can be
// used to make sure that we are not holding any dangling pointers.
void ClearExternalBufferDependentValues()
{
mCSRNonce.ClearValue();
mAttestationNonce.ClearValue();
mWiFiCreds.ClearValue();
mCountryCode.ClearValue();
mThreadOperationalDataset.ClearValue();
mNOCChainGenerationParameters.ClearValue();
mRootCert.ClearValue();
mNoc.ClearValue();
mIcac.ClearValue();
mIpk.ClearValue();
mAttestationElements.ClearValue();
mAttestationSignature.ClearValue();
mPAI.ClearValue();
mDAC.ClearValue();
}

private:
// Items that can be set by the commissioner
Optional<uint16_t> mFailsafeTimerSeconds;
Expand Down