From 0603d0d29f777b4b3272543f3a95ccda20ccafed Mon Sep 17 00:00:00 2001 From: dr Date: Sat, 21 Oct 2017 18:57:21 -0700 Subject: [PATCH 1/2] ArduinoOTA would stop receiving any packets if the port received a zero-length UDP packet, commonly sent by network scanners like nmap. Fixed to flush() after every call to parsePacket(), even if read length is 0. Additionally, added length checking to fix a potential buffer overflow in parseInt(). Finally, added an end() method that stops the OTA listener and releases resources. --- libraries/ArduinoOTA/src/ArduinoOTA.cpp | 16 +++++++++++++--- libraries/ArduinoOTA/src/ArduinoOTA.h | 6 ++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/libraries/ArduinoOTA/src/ArduinoOTA.cpp b/libraries/ArduinoOTA/src/ArduinoOTA.cpp index ee5ce12b38d..8ed4f95151a 100644 --- a/libraries/ArduinoOTA/src/ArduinoOTA.cpp +++ b/libraries/ArduinoOTA/src/ArduinoOTA.cpp @@ -122,11 +122,11 @@ void ArduinoOTAClass::begin() { } int ArduinoOTAClass::parseInt(){ - char data[16]; + char data[INT_BUFFER_SIZE]; uint8_t index = 0; char value; while(_udp_ota.peek() == ' ') _udp_ota.read(); - while(true){ + while(index < INT_BUFFER_SIZE - 1){ value = _udp_ota.peek(); if(value < '0' || value > '9'){ data[index++] = '\0'; @@ -347,6 +347,16 @@ void ArduinoOTAClass::_runUpdate() { } } +void ArduinoOTAClass::end() { + _initialized = false; + _udp_ota.stop(); + MDNS.end(); + _state = OTA_IDLE; +#ifdef OTA_DEBUG + OTA_DEBUG.println("OTA server stopped."); +#endif +} + void ArduinoOTAClass::handle() { if (_state == OTA_RUNUPDATE) { _runUpdate(); @@ -354,8 +364,8 @@ void ArduinoOTAClass::handle() { } if(_udp_ota.parsePacket()){ _onRx(); - _udp_ota.flush(); } + _udp_ota.flush(); // always flush, even zero length packets must be flushed. } int ArduinoOTAClass::getCommand() { diff --git a/libraries/ArduinoOTA/src/ArduinoOTA.h b/libraries/ArduinoOTA/src/ArduinoOTA.h index 16560ee611a..7f733bf57cb 100644 --- a/libraries/ArduinoOTA/src/ArduinoOTA.h +++ b/libraries/ArduinoOTA/src/ArduinoOTA.h @@ -5,6 +5,9 @@ #include #include "Update.h" +#define INT_BUFFER_SIZE 16 + + typedef enum { OTA_IDLE, OTA_WAITAUTH, @@ -63,6 +66,9 @@ class ArduinoOTAClass //Starts the ArduinoOTA service void begin(); + //Ends the ArduinoOTA service + void end(); + //Call this in loop() to run the service void handle(); From 9ac449a5b9fe4081e3e7de83b80a074e343c3630 Mon Sep 17 00:00:00 2001 From: davruet Date: Wed, 25 Oct 2017 09:29:25 -0700 Subject: [PATCH 2/2] Only end MDNS in end() if mdns mode is enabled. --- libraries/ArduinoOTA/src/ArduinoOTA.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libraries/ArduinoOTA/src/ArduinoOTA.cpp b/libraries/ArduinoOTA/src/ArduinoOTA.cpp index 8ed4f95151a..4ff0ebcf6c6 100644 --- a/libraries/ArduinoOTA/src/ArduinoOTA.cpp +++ b/libraries/ArduinoOTA/src/ArduinoOTA.cpp @@ -350,7 +350,9 @@ void ArduinoOTAClass::_runUpdate() { void ArduinoOTAClass::end() { _initialized = false; _udp_ota.stop(); - MDNS.end(); + if(_mdnsEnabled){ + MDNS.end(); + } _state = OTA_IDLE; #ifdef OTA_DEBUG OTA_DEBUG.println("OTA server stopped.");