diff --git a/plugins/dynamic-security/acl.c b/plugins/dynamic-security/acl.c index 0b5fd5fe..c511e5f3 100644 --- a/plugins/dynamic-security/acl.c +++ b/plugins/dynamic-security/acl.c @@ -91,7 +91,7 @@ static int acl_check_subscribe(struct mosquitto_evt_acl_check *ed, struct dynsec { struct dynsec__rolelist *rolelist, *rolelist_tmp; struct dynsec__acl *acl, *acl_tmp; - int len; + size_t len; len = strlen(ed->topic); @@ -128,7 +128,7 @@ static int acl_check_unsubscribe(struct mosquitto_evt_acl_check *ed, struct dyns { struct dynsec__rolelist *rolelist, *rolelist_tmp; struct dynsec__acl *acl, *acl_tmp; - int len; + size_t len; len = strlen(ed->topic); diff --git a/plugins/dynamic-security/auth.c b/plugins/dynamic-security/auth.c index 7ae1982f..f62a96f5 100644 --- a/plugins/dynamic-security/auth.c +++ b/plugins/dynamic-security/auth.c @@ -32,11 +32,13 @@ Contributors: * # * ################################################################ */ -int dynsec_auth__base64_encode(unsigned char *in, unsigned int in_len, char **encoded) +int dynsec_auth__base64_encode(unsigned char *in, int in_len, char **encoded) { BIO *bmem, *b64; BUF_MEM *bptr; + if(in_len < 0) return 1; + b64 = BIO_new(BIO_f_base64()); BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); bmem = BIO_new(BIO_s_mem()); @@ -60,10 +62,10 @@ int dynsec_auth__base64_encode(unsigned char *in, unsigned int in_len, char **en } -int dynsec_auth__base64_decode(char *in, unsigned char **decoded, unsigned int *decoded_len) +int dynsec_auth__base64_decode(char *in, unsigned char **decoded, int *decoded_len) { BIO *bmem, *b64; - int slen; + size_t slen; slen = strlen(in); @@ -79,7 +81,7 @@ int dynsec_auth__base64_decode(char *in, unsigned char **decoded, unsigned int * return 1; } b64 = BIO_push(b64, bmem); - BIO_write(bmem, in, slen); + BIO_write(bmem, in, (int)slen); if(BIO_flush(bmem) != 1){ BIO_free_all(b64); @@ -90,7 +92,7 @@ int dynsec_auth__base64_decode(char *in, unsigned char **decoded, unsigned int * BIO_free_all(b64); return 1; } - *decoded_len = BIO_read(b64, *decoded, slen); + *decoded_len = BIO_read(b64, *decoded, (int)slen); BIO_free_all(b64); if(*decoded_len <= 0){ @@ -133,7 +135,7 @@ int dynsec_auth__pw_hash(struct dynsec__client *client, const char *password, un return MOSQ_ERR_UNKNOWN; } - return !PKCS5_PBKDF2_HMAC(password, strlen(password), + return !PKCS5_PBKDF2_HMAC(password, (int)strlen(password), client->pw.salt, sizeof(client->pw.salt), iterations, digest, password_hash_len, password_hash); } diff --git a/plugins/dynamic-security/clients.c b/plugins/dynamic-security/clients.c index 05562d6d..a01ec141 100644 --- a/plugins/dynamic-security/clients.c +++ b/plugins/dynamic-security/clients.c @@ -104,7 +104,7 @@ int dynsec_clients__config_load(cJSON *tree) struct dynsec__client *client; struct dynsec__role *role; unsigned char *buf; - unsigned int buf_len; + int buf_len; int priority; int iterations; @@ -152,7 +152,7 @@ int dynsec_clients__config_load(cJSON *tree) mosquitto_free(client); continue; } - iterations = jtmp->valuedouble; + iterations = (int)jtmp->valuedouble; if(iterations < 1){ // FIXME log mosquitto_free(client->username); @@ -177,7 +177,7 @@ int dynsec_clients__config_load(cJSON *tree) mosquitto_free(client); continue; } - memcpy(client->pw.salt, buf, buf_len); + memcpy(client->pw.salt, buf, (size_t)buf_len); mosquitto_free(buf); if(dynsec_auth__base64_decode(j_password->valuestring, &buf, &buf_len) != MOSQ_ERR_SUCCESS @@ -188,7 +188,7 @@ int dynsec_clients__config_load(cJSON *tree) mosquitto_free(client); continue; } - memcpy(client->pw.password_hash, buf, buf_len); + memcpy(client->pw.password_hash, buf, (size_t)buf_len); mosquitto_free(buf); client->pw.valid = true; }else{ @@ -802,7 +802,7 @@ int dynsec_clients__process_list(cJSON *j_responses, struct mosquitto *context, } cJSON_AddItemToObject(tree, "data", j_data); - cJSON_AddIntToObject(j_data, "totalCount", HASH_CNT(hh, local_clients)); + cJSON_AddIntToObject(j_data, "totalCount", (int)HASH_CNT(hh, local_clients)); j_clients = cJSON_CreateArray(); if(j_clients == NULL){ diff --git a/plugins/dynamic-security/dynamic_security.h b/plugins/dynamic-security/dynamic_security.h index c00a4417..6e8a0aa2 100644 --- a/plugins/dynamic-security/dynamic_security.h +++ b/plugins/dynamic-security/dynamic_security.h @@ -156,8 +156,8 @@ bool sub_acl_check(const char *acl, const char *sub); * # * ################################################################ */ -int dynsec_auth__base64_encode(unsigned char *in, unsigned int in_len, char **encoded); -int dynsec_auth__base64_decode(char *in, unsigned char **decoded, unsigned int *decoded_len); +int dynsec_auth__base64_encode(unsigned char *in, int in_len, char **encoded); +int dynsec_auth__base64_decode(char *in, unsigned char **decoded, int *decoded_len); int dynsec_auth__pw_hash(struct dynsec__client *client, const char *password, unsigned char *password_hash, int password_hash_len, bool new_password); int dynsec_auth__basic_auth_callback(int event, void *event_data, void *userdata); diff --git a/plugins/dynamic-security/groups.c b/plugins/dynamic-security/groups.c index b9739e36..1165f0e3 100644 --- a/plugins/dynamic-security/groups.c +++ b/plugins/dynamic-security/groups.c @@ -765,7 +765,7 @@ int dynsec_groups__process_list(cJSON *j_responses, struct mosquitto *context, c } cJSON_AddItemToObject(tree, "data", j_data); - cJSON_AddIntToObject(j_data, "totalCount", HASH_CNT(hh, local_groups)); + cJSON_AddIntToObject(j_data, "totalCount", (int)HASH_CNT(hh, local_groups)); j_groups = cJSON_CreateArray(); if(j_groups == NULL){ diff --git a/plugins/dynamic-security/plugin.c b/plugins/dynamic-security/plugin.c index 395543b3..837f15d2 100644 --- a/plugins/dynamic-security/plugin.c +++ b/plugins/dynamic-security/plugin.c @@ -26,6 +26,7 @@ Contributors: #include "mosquitto.h" #include "mosquitto_broker.h" #include "mosquitto_plugin.h" +#include "mqtt_protocol.h" #include "dynamic_security.h" @@ -56,13 +57,19 @@ void dynsec__command_reply(cJSON *j_responses, struct mosquitto *context, const static void send_response(cJSON *tree) { char *payload; + size_t payload_len; payload = cJSON_PrintUnformatted(tree); cJSON_Delete(tree); if(payload == NULL) return; + payload_len = strlen(payload); + if(payload_len > MQTT_MAX_PAYLOAD){ + free(payload); + return; + } mosquitto_broker_publish(NULL, "$CONTROL/dynamic-security/v1/response", - strlen(payload), payload, 0, 0, NULL); + (int)payload_len, payload, 0, 0, NULL); } @@ -327,7 +334,7 @@ static int dynsec__general_config_save(cJSON *tree) static int dynsec__config_load(void) { FILE *fptr; - long flen; + size_t flen; char *json_str; cJSON *tree; @@ -338,7 +345,7 @@ static int dynsec__config_load(void) } fseek(fptr, 0, SEEK_END); - flen = ftell(fptr); + flen = (size_t)ftell(fptr); fseek(fptr, 0, SEEK_SET); json_str = mosquitto_calloc(flen+1, sizeof(char)); if(json_str == NULL){ @@ -385,10 +392,10 @@ static int dynsec__config_load(void) void dynsec__config_save(void) { cJSON *tree; - int file_path_len; + size_t file_path_len; char *file_path; FILE *fptr; - int json_str_len; + size_t json_str_len; char *json_str; tree = cJSON_CreateObject(); diff --git a/plugins/dynamic-security/roles.c b/plugins/dynamic-security/roles.c index fd8ae361..19cfb916 100644 --- a/plugins/dynamic-security/roles.c +++ b/plugins/dynamic-security/roles.c @@ -617,7 +617,7 @@ int dynsec_roles__process_list(cJSON *j_responses, struct mosquitto *context, cJ } cJSON_AddItemToObject(tree, "data", j_data); - cJSON_AddIntToObject(j_data, "totalCount", HASH_CNT(hh, local_roles)); + cJSON_AddIntToObject(j_data, "totalCount", (int)HASH_CNT(hh, local_roles)); j_roles = cJSON_CreateArray(); if(j_roles == NULL){