deepblue/ipmitool
1
0
Fork 0
mirror of https://github.com/ipmitool/ipmitool.git synced 2025-05-14 12:37:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix segfault in SOL when remote BMC does not return packet

Browse Source
This commit is contained in:
Duncan Laurie 2006-07-06 21:38:21 +00:00
parent a92765fbc9
commit c99e8595e4
2 changed files with 101 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
ipmitool/src/plugins/lanplus/lanplus.c
View File

@ -581,14 +581,11 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
struct rmcp_hdr rmcp_rsp; struct rmcp_hdr rmcp_rsp;
struct ipmi_rs * rsp; struct ipmi_rs * rsp;
struct ipmi_session * session = intf->session; struct ipmi_session * session = intf->session;
int offset, rv; int offset, rv;
uint16_t payload_size; uint16_t payload_size;
uint8_t ourAddress = intf->my_addr; uint8_t ourAddress = intf->my_addr;
if(ourAddress == 0) if (ourAddress == 0) {
{
ourAddress = IPMI_BMC_SLAVE_ADDR; ourAddress = IPMI_BMC_SLAVE_ADDR;
} }
@ -648,7 +645,6 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
//continue; //continue;
} }
if ((session->v2_data.session_state == LANPLUS_STATE_ACTIVE) && if ((session->v2_data.session_state == LANPLUS_STATE_ACTIVE) &&
(rsp->session.authtype == IPMI_SESSION_AUTHTYPE_RMCP_PLUS) && (rsp->session.authtype == IPMI_SESSION_AUTHTYPE_RMCP_PLUS) &&
(rsp->session.bEncrypted)) (rsp->session.bEncrypted))
@ -684,7 +680,6 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
(long)rsp->session.id); (long)rsp->session.id);
lprintf(LOG_DEBUG+1, "<< Sequence : 0x%08lx", lprintf(LOG_DEBUG+1, "<< Sequence : 0x%08lx",
(long)rsp->session.seq); (long)rsp->session.seq);
lprintf(LOG_DEBUG+1, "<< IPMI Msg/Payload Length : %d", lprintf(LOG_DEBUG+1, "<< IPMI Msg/Payload Length : %d",
rsp->session.msglen); rsp->session.msglen);
lprintf(LOG_DEBUG+1, "<< IPMI Response Message Header"); lprintf(LOG_DEBUG+1, "<< IPMI Response Message Header");
@ -710,16 +705,10 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
rsp->payload.ipmi_response.cmd); rsp->payload.ipmi_response.cmd);
if (entry != NULL) { if (entry != NULL) {
lprintf(LOG_DEBUG+2, "IPMI Request Match found"); lprintf(LOG_DEBUG+2, "IPMI Request Match found");
if ( if (intf->target_addr != ourAddress &&
(intf->target_addr != ourAddress) && bridgePossible) {
(bridgePossible) if (rsp->data_len &&
) rsp->payload.ipmi_response.cmd != 0x34) {
{
if(
(rsp->data_len) &&
(rsp->payload.ipmi_response.cmd != 0x34)
)
{
printbuf( printbuf(
&rsp->data[offset], &rsp->data[offset],
(rsp->data_len-offset), (rsp->data_len-offset),
@ -727,8 +716,7 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
} }
/* bridged command: lose extra header */ /* bridged command: lose extra header */
if (rsp->payload.ipmi_response.cmd == 0x34) { if (rsp->payload.ipmi_response.cmd == 0x34) {
if( rsp->data_len == 38 ) if (rsp->data_len == 38) {
{
entry->req.msg.cmd = entry->req.msg.target_cmd; entry->req.msg.cmd = entry->req.msg.target_cmd;
rsp = ipmi_lan_recv_packet(intf); rsp = ipmi_lan_recv_packet(intf);
continue; continue;
@ -749,7 +737,6 @@ ipmi_lan_poll_recv(struct ipmi_intf * intf)
continue; continue;
} }
/* /*
* Good packet. Shift response data to start of array. * Good packet. Shift response data to start of array.
* rsp->data becomes the variable length IPMI response data * rsp->data becomes the variable length IPMI response data
@ -2169,7 +2156,6 @@ ipmi_lanplus_send_payload(
if (sol_response_acks_packet(rsp, payload)) if (sol_response_acks_packet(rsp, payload))
break; break;
else if (is_sol_packet(rsp) && rsp->data_len) else if (is_sol_packet(rsp) && rsp->data_len)
{ {
/* /*
@ -2195,7 +2181,6 @@ ipmi_lanplus_send_payload(
try++; try++;
} }
/* IPMI messages are deleted under ipmi_lan_poll_recv() */ /* IPMI messages are deleted under ipmi_lan_poll_recv() */
switch (payload->payload_type) { switch (payload->payload_type) {
case IPMI_PAYLOAD_TYPE_RMCP_OPEN_REQUEST: case IPMI_PAYLOAD_TYPE_RMCP_OPEN_REQUEST:
@ -2362,7 +2347,6 @@ check_sol_packet_for_new_data(
/* Store the data length before we mod it */ /* Store the data length before we mod it */
uint8_t unaltered_data_len = rsp->data_len; uint8_t unaltered_data_len = rsp->data_len;
if (rsp->payload.sol_packet.packet_sequence_number == if (rsp->payload.sol_packet.packet_sequence_number ==
last_received_sequence_number) last_received_sequence_number)
{ {
@ -2456,7 +2440,7 @@ ipmi_lanplus_recv_sol(struct ipmi_intf * intf)
{ {
struct ipmi_rs * rsp = ipmi_lan_poll_recv(intf); struct ipmi_rs * rsp = ipmi_lan_poll_recv(intf);
if(rsp->session.authtype != 0) if (rsp && rsp->session.authtype != 0)
{ {
ack_sol_packet(intf, rsp); ack_sol_packet(intf, rsp);
@ -2620,6 +2604,7 @@ impi_close_session_cmd(struct ipmi_intf * intf)
(long)intf->session->v2_data.bmc_id); (long)intf->session->v2_data.bmc_id);
bridgePossible = backupBridgePossible; bridgePossible = backupBridgePossible;
return 0; return 0;
} }