cubetiq/pyztk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

FIX better handle null terminated string input from clock

Browse Source 
There is no guarantee about what is after the first null byte
in ordinary C strings.  When string buffers are read, the
current code fails when garbage is sent after the first null byte.

This patch causes everything after the first byte to be discarded.
This commit is contained in:
Jos De Graeve 2017-11-10 12:25:09 +01:00
parent 8a1331adc5
commit 464a609f2c
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
zk/base.py
View File

@ -222,7 +222,7 @@ class ZK(object):
cmd_response = self.__send_command(command, command_string, checksum, session_id, reply_id, response_size) cmd_response = self.__send_command(command, command_string, checksum, session_id, reply_id, response_size)
if cmd_response.get('status'): if cmd_response.get('status'):
firmware_version = self.__data_recv[8:].strip('\x00|\x01\x10x') firmware_version = self.__data_recv[8:].split('\x00')[0]
return firmware_version return firmware_version
else: else:
raise ZKErrorResponse("Invalid response") raise ZKErrorResponse("Invalid response")
@ -240,7 +240,7 @@ class ZK(object):
cmd_response = self.__send_command(command, command_string, checksum, session_id, reply_id, response_size) cmd_response = self.__send_command(command, command_string, checksum, session_id, reply_id, response_size)
if cmd_response.get('status'): if cmd_response.get('status'):
serialnumber = self.__data_recv[8:].split('=')[-1].strip('\x00|\x01\x10x') serialnumber = self.__data_recv[8:].split('=')[-1].split('\x00')[0]
return serialnumber return serialnumber
else: else:
raise ZKErrorResponse("Invalid response") raise ZKErrorResponse("Invalid response")
@ -384,10 +384,10 @@ class ZK(object):
uid = u1 + (u2 * 256) uid = u1 + (u2 * 256)
privilege = int(privilege.encode("hex"), 16) privilege = int(privilege.encode("hex"), 16)
password = unicode(password.strip('\x00|\x01\x10x'), errors='ignore') password = unicode(password.split('\x00')[0], errors='ignore')
name = unicode(name.strip('\x00|\x01\x10x'), errors='ignore') name = unicode(name.split('\x00')[0], errors='ignore')
group_id = unicode(group_id.strip('\x00|\x01\x10x'), errors='ignore') group_id = unicode(group_id.split('\x00')[0], errors='ignore')
user_id = unicode(user_id.strip('\x00|\x01\x10x'), errors='ignore') user_id = unicode(user_id.split('\x00')[0], errors='ignore')
user = User(uid, name, privilege, password, group_id, user_id) user = User(uid, name, privilege, password, group_id, user_id)
users.append(user) users.append(user)
@ -481,7 +481,7 @@ class ZK(object):
while len(attendance_data) >= 38: while len(attendance_data) >= 38:
user_id, sparator, timestamp, status, space = unpack('24sc4sc10s', attendance_data.ljust(40)[:40]) user_id, sparator, timestamp, status, space = unpack('24sc4sc10s', attendance_data.ljust(40)[:40])
user_id = user_id.strip('\x00|\x01\x10x') user_id = user_id.split('\x00')[0]
timestamp = self.__decode_time(timestamp) timestamp = self.__decode_time(timestamp)
status = int(status.encode("hex"), 16) status = int(status.encode("hex"), 16)