From fe5415395ed748bb5519a0cce3764cc8fea5ee23 Mon Sep 17 00:00:00 2001 From: Julius Pfrommer Date: Tue, 20 Feb 2024 11:37:35 +0100 Subject: [PATCH 1/2] fix(server): Add required locks to readSessionDiagnostics --- src/server/ua_server_ns0_diagnostics.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/server/ua_server_ns0_diagnostics.c b/src/server/ua_server_ns0_diagnostics.c index 72ac9aecb77..63d9ee95823 100644 --- a/src/server/ua_server_ns0_diagnostics.c +++ b/src/server/ua_server_ns0_diagnostics.c @@ -328,16 +328,22 @@ readSessionDiagnostics(UA_Server *server, const UA_NodeId *nodeId, void *nodeContext, UA_Boolean sourceTimestamp, const UA_NumericRange *range, UA_DataValue *value) { + UA_LOCK(&server->serviceMutex); + /* Get the Session */ UA_Session *session = UA_Server_getSessionById(server, sessionId); - if(!session) + if(!session) { + UA_UNLOCK(&server->serviceMutex); return UA_STATUSCODE_BADINTERNALERROR; + } /* Read the BrowseName */ UA_QualifiedName bn; UA_StatusCode res = readWithReadValue(server, nodeId, UA_ATTRIBUTEID_BROWSENAME, &bn); - if(res != UA_STATUSCODE_GOOD) + if(res != UA_STATUSCODE_GOOD) { + UA_UNLOCK(&server->serviceMutex); return res; + } union { UA_SessionDiagnosticsDataType sddt; @@ -412,6 +418,7 @@ readSessionDiagnostics(UA_Server *server, cleanup: UA_QualifiedName_clear(&bn); + UA_UNLOCK(&server->serviceMutex); return res; } From 05b48e41ddaec3bdb9c15e83402966a57c25b0ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=20L=C3=B6tzsch?= Date: Mon, 19 Feb 2024 17:16:19 +0100 Subject: [PATCH 2/2] Use correct address when reading array members of session diagnostic types. --- src/server/ua_server_ns0_diagnostics.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/server/ua_server_ns0_diagnostics.c b/src/server/ua_server_ns0_diagnostics.c index 63d9ee95823..aa764b43a7d 100644 --- a/src/server/ua_server_ns0_diagnostics.c +++ b/src/server/ua_server_ns0_diagnostics.c @@ -405,7 +405,7 @@ readSessionDiagnostics(UA_Server *server, res = UA_Variant_setScalarCopy(&value->value, content, type); } else { size_t len = *(size_t*)content; - content = (void*)(((uintptr_t)content) + sizeof(size_t)); + content = *(void**)((uintptr_t)content + sizeof(size_t)); res = UA_Variant_setArrayCopy(&value->value, content, len, type); } if(UA_LIKELY(res == UA_STATUSCODE_GOOD))