Merge pull request #302 from eclipse-threadx/dev

Release version 6.4.2

Author: fdesbiens

.gitignore

@@ -14,3 +14,4 @@ compile_commands.json
 CTestTestfile.cmake
 .run.sh
 
+scripts/openssl*

CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.0.0 FATAL_ERROR)
+cmake_minimum_required(VERSION 3.13 FATAL_ERROR)
 
 # Set up the project
 project(netxduo

addons/web/nx_web_http_server.c

@@ -3968,8 +3968,8 @@ UINT        temp_realm_length = 0;
                 }
 
                 /* Send response back to HTTP Client.  */
-                _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
-                                                  sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
+                _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
+                                                  sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
                                                   "NetX HTTP Receive Timeout",
                                                   sizeof("NetX HTTP Receive Timeout") - 1, NX_NULL, 0);
 
@@ -4215,6 +4215,7 @@ VOID  _nx_web_http_server_put_process(NX_WEB_HTTP_SERVER *server_ptr, NX_PACKET
 
 UINT        status;
 ULONG       length = 0;
+ULONG       consumed_length = 0;
 UINT        offset;
 CHAR        *name_ptr;
 CHAR        *password_ptr;
@@ -4447,8 +4448,7 @@ UINT        temp_realm_length = 0;
             nx_packet_release(packet_ptr);
         }
 
-        /* Error, return to caller.  */
-        return;
+        goto put_process_end;
     }
 
     /* Open the specified file for writing.  */
@@ -4470,8 +4470,7 @@ UINT        temp_realm_length = 0;
             nx_packet_release(packet_ptr);
         }
 
-        /* Error, return to caller.  */
-        return;
+        goto put_process_end;
     }
 
     /* Determine if there is any content in the first packet.  */
@@ -4498,12 +4497,28 @@ UINT        temp_realm_length = 0;
                 nx_packet_release(packet_ptr);
             }
 
-            /* Error, return to caller.  */
-            return;
+            goto put_process_end;
         }
 
         /* Update the length.  */
-        length =  length - ((ULONG)(packet_ptr -> nx_packet_append_ptr - packet_ptr -> nx_packet_prepend_ptr) - offset);
+        consumed_length = ((ULONG)(packet_ptr -> nx_packet_append_ptr - packet_ptr -> nx_packet_prepend_ptr) - offset);
+        if ((length - consumed_length) > length)
+        {
+            /* Underflow error has occurred.*/
+
+            /* Send response back to HTTP Client.  */
+            _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
+                                                sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
+                                                "NetX HTTP Content Length",
+                                                sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
+
+            /* Release the previous data packet.  */
+            nx_packet_release(data_packet_ptr);
+
+            status = NX_UNDERFLOW;
+            goto put_process_end;
+        }
+        length -= consumed_length;
 
         /* Increment the bytes received count.  */
         server_ptr -> nx_web_http_server_total_bytes_received =  server_ptr -> nx_web_http_server_total_bytes_received +
@@ -4536,12 +4551,28 @@ UINT        temp_realm_length = 0;
                 nx_packet_release(packet_ptr);
             }
 
-            /* Error, return to caller.  */
-            return;
+            goto put_process_end;
         }
 
         /* Update the length.  */
-        length =  length - (ULONG)(next_packet_ptr -> nx_packet_append_ptr - next_packet_ptr -> nx_packet_prepend_ptr);
+        consumed_length = (ULONG)(next_packet_ptr -> nx_packet_append_ptr - next_packet_ptr -> nx_packet_prepend_ptr);
+        if ((length - consumed_length) > length)
+        {
+            /* Underflow error has occurred.*/
+
+            /* Send response back to HTTP Client.  */
+            _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
+                                                sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
+                                                "NetX HTTP Content Length",
+                                                sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
+
+            /* Release the previous data packet.  */
+            nx_packet_release(data_packet_ptr);
+
+            status = NX_UNDERFLOW;
+            goto put_process_end;
+        }
+        length -= consumed_length;
 
         /* Increment the bytes received count.  */
         server_ptr -> nx_web_http_server_total_bytes_received =  server_ptr -> nx_web_http_server_total_bytes_received +
@@ -4575,13 +4606,12 @@ UINT        temp_realm_length = 0;
             }
 
             /* Send response back to HTTP Client.  */
-            _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
-                                              sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
+            _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
+                                              sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
                                               "NetX HTTP Receive Timeout",
                                               sizeof("NetX HTTP Receive Timeout") - 1, NX_NULL, 0);
 
-            /* Error, return to caller.  */
-            return;
+            goto put_process_end;
         }
 
         if (server_ptr -> nx_web_http_server_request_chunked)
@@ -4611,12 +4641,28 @@ UINT        temp_realm_length = 0;
                 /* Release the previous data packet.  */
                 nx_packet_release(data_packet_ptr);
 
-                /* Error, return to caller.  */
-                return;
+                goto put_process_end;
             }
 
             /* Update the length.  */
-            length =  length - (UINT)(next_packet_ptr -> nx_packet_append_ptr - next_packet_ptr -> nx_packet_prepend_ptr);
+            consumed_length = (ULONG)(next_packet_ptr -> nx_packet_append_ptr - next_packet_ptr -> nx_packet_prepend_ptr);
+            if ((length - consumed_length) > length)
+            {
+                /* Underflow error has occurred.*/
+
+                /* Send response back to HTTP Client.  */
+                _nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
+                                                  sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
+                                                  "NetX HTTP Content Length",
+                                                  sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
+
+                /* Release the previous data packet.  */
+                nx_packet_release(data_packet_ptr);
+
+                status = NX_UNDERFLOW;
+                goto put_process_end;
+            }
+            length -= consumed_length;
 
             /* Increment the bytes received count.  */
             server_ptr -> nx_web_http_server_total_bytes_received =  server_ptr -> nx_web_http_server_total_bytes_received +
@@ -4635,11 +4681,8 @@ UINT        temp_realm_length = 0;
         nx_packet_release(data_packet_ptr);
     }
 
-    /* Success, at this point close the file and prepare a successful response for the client.  */
-    fx_file_close(&(server_ptr -> nx_web_http_server_file));
-
-
-    /* Now build a response header.  */
+    /* Build a response header. No need to check for success up to this point, as
+    program will have jumped to put_process_end label if an error has occurred.  */
     status = _nx_web_http_server_generate_response_header(server_ptr, &data_packet_ptr, NX_WEB_HTTP_STATUS_OK,
                                                           sizeof(NX_WEB_HTTP_STATUS_OK) - 1, 0,
                                                           NX_NULL, 0, NX_NULL, 0);
@@ -4657,7 +4700,10 @@ UINT        temp_realm_length = 0;
             nx_packet_release(data_packet_ptr);
         }
     }
-
+    put_process_end:
+        /* Always attempt cleanup by closing the file.  */
+        fx_file_close(&(server_ptr -> nx_web_http_server_file));
+    return;
 }
 
 
@@ -11350,4 +11396,4 @@ UINT _nx_web_http_server_authentication_check_set(NX_WEB_HTTP_SERVER *http_serve
 
     /* Return success.  */
     return(NX_SUCCESS);
-}
+}

common/inc/nx_api.h

@@ -1,5 +1,6 @@
 /***************************************************************************
  * Copyright (c) 2024 Microsoft Corporation 
+ * Copyright (c) 2025-present Eclipse ThreadX Contributors
  * 
  * This program and the accompanying materials are made available under the
  * terms of the MIT License which is available at
@@ -109,6 +110,9 @@
 /*  03-01-2024      Tiejun Zhou             Modified comment(s),          */
 /*                                            update version number,      */
 /*                                            resulting in version 6.4.1  */
+/*  02-19-2025      Frédéric Desbiens       Modified comment(s),          */
+/*                                            update version number,      */
+/*                                            resulting in version 6.4.2  */
 /*                                                                        */
 /**************************************************************************/
 
@@ -525,7 +529,7 @@ VOID _nx_trace_event_update(TX_TRACE_BUFFER_ENTRY *event, ULONG timestamp, ULONG
 #define AZURE_RTOS_NETXDUO
 #define NETXDUO_MAJOR_VERSION                    6
 #define NETXDUO_MINOR_VERSION                    4
-#define NETXDUO_PATCH_VERSION                    1
+#define NETXDUO_PATCH_VERSION                    2
 
 /* Define the following symbols for backward compatibility */
 #define EL_PRODUCT_NETXDUO
@@ -2226,6 +2230,12 @@ typedef struct NX_TCP_LISTEN_STRUCT
     NX_PACKET   *nx_tcp_listen_queue_head,
                 *nx_tcp_listen_queue_tail;
 
+#ifndef NX_DISABLE_EXTENDED_NOTIFY_SUPPORT
+    /* Define the callback function for notifying the host application of
+       a new connect request in the listen queue. */
+    VOID        (*nx_tcp_listen_queue_notify)(struct NX_TCP_LISTEN_STRUCT *listen_ptr);
+#endif
+
     /* Define the link between other TCP listen structures created by the application.  */
     struct NX_TCP_LISTEN_STRUCT
                 *nx_tcp_listen_next,

common/src/nx_tcp_packet_process.c

@@ -108,6 +108,9 @@ NX_TCP_SOCKET               *socket_ptr;
 NX_TCP_HEADER               *tcp_header_ptr;
 struct NX_TCP_LISTEN_STRUCT *listen_ptr;
 VOID                         (*listen_callback)(NX_TCP_SOCKET *socket_ptr, UINT port);
+#ifndef NX_DISABLE_EXTENDED_NOTIFY_SUPPORT
+VOID                         (*queue_callback)(struct NX_TCP_LISTEN_STRUCT *listen_ptr);
+#endif
 ULONG                        option_words;
 ULONG                        mss = 0;
 ULONG                        checksum;
@@ -1011,6 +1014,17 @@ ULONG                        rwin_scale = 0xFF;
                         /* Release the packet.  */
                         _nx_packet_release(packet_ptr);
                     }
+
+#ifndef NX_DISABLE_EXTENDED_NOTIFY_SUPPORT
+                    /* If extended notify is enabled, call the listen_queue_notify function.
+                       This user-supplied function notifies the host application of
+                       a new connect request in the listen queue. */
+                    queue_callback = listen_ptr -> nx_tcp_listen_queue_notify;
+                    if (queue_callback)
+                    {
+                        (queue_callback)(listen_ptr);
+                    }
+#endif
                 }
 
                 /* Finished processing, just return.  */

nx_secure/inc/nx_secure_tls.h

@@ -1,5 +1,6 @@
 /***************************************************************************
- * Copyright (c) 2024 Microsoft Corporation 
+ * Copyright (c) 2024 Microsoft Corporation
+ * Copyright (c) 2025-present Eclipse ThreadX Contributors
  * 
  * This program and the accompanying materials are made available under the
  * terms of the MIT License which is available at
@@ -109,6 +110,12 @@
 /*  03-01-2024      Tiejun Zhou             Modified comment(s),          */
 /*                                            update version number,      */
 /*                                            resulting in version 6.4.1  */
+/*  03-01-2024      Tiejun Zhou             Modified comment(s),          */
+/*                                            update version number,      */
+/*                                            resulting in version 6.4.1  */
+/*  02-19-2025      Frédéric Desbiens       Modified comment(s),          */
+/*                                            update version number,      */
+/*                                            resulting in version 6.4.2  */
 /*                                                                        */
 /**************************************************************************/
 
@@ -172,7 +179,7 @@ extern   "C" {
 #define AZURE_RTOS_NETX_SECURE
 #define NETX_SECURE_MAJOR_VERSION                       6
 #define NETX_SECURE_MINOR_VERSION                       4
-#define NETX_SECURE_PATCH_VERSION                       1
+#define NETX_SECURE_PATCH_VERSION                       2
 
 /* The following symbols are defined for backward compatibility reasons. */
 #define EL_PRODUCT_NETX_SECURE

nx_secure/src/nxe_secure_tls_session_send.c

@@ -90,6 +90,16 @@ UINT status;
         return(NX_PTR_ERROR);
     }
 
+    if (packet_ptr -> nx_packet_length == 0)
+    {
+        /* Must check for empty packets here, as TLS data will make a packet's contents
+        non-empty. _nx_tcp_socket_send_internal has a check for an empty packet
+        that correctly works in an HTTP session but will result in a false negative if
+        the session is HTTPS. Thus, this check is performed before the TLS session
+        operations that modify the packet.  */
+        return(NX_INVALID_PACKET);
+    }
+
     if (tls_session -> nx_secure_tls_tcp_socket == NX_NULL)
     {
         return(NX_SECURE_TLS_SESSION_UNINITIALIZED);

test/cmake/crypto/regression/CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.0.0 FATAL_ERROR)
+cmake_minimum_required(VERSION 3.13 FATAL_ERROR)
 cmake_policy(SET CMP0057 NEW)
 
 project(regression_test LANGUAGES C)

test/cmake/crypto/regression/crypto_standalone.cmake

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.0.0 FATAL_ERROR)
+cmake_minimum_required(VERSION 3.13 FATAL_ERROR)
 set(CPU_ARCH "linux")
 set(COMPILER "gnu")
 

test/cmake/filex

@@ -0,0 +1 @@
+Subproject commit 1312f87f3b90c73c8db3aa1ccbadf15c60fe04bb