security/fix: Final review corrections for Ethernet runtime config

Security fixes: - IP validation: bounds checking for octets (0-255) - ETH.config() return value now checked with distinct logging - set ip 0.0.0.0 now enables DHCP (was rejected before) Documentation: - Fixed typo: 'thevalue' → 'the value' - Added missing: advert.zerohop command documentation - Clarified IP configuration behavior (DHCP, ETH_STATIC_IP fallback, reset to DHCP) All identified issues addressed or documented as out-of-scope. PR #2260 ready for maintainer review.
2026-04-20 22:13:47 +00:00 · 2026-04-06 22:30:52 +02:00 · 2026-04-06 22:30:52 +02:00 · b1d7edc1e7
commit b1d7edc1e7
parent ce1b760b29
11 changed files with 55 additions and 46 deletions
--- a/src/helpers/esp32/TCPConsole.h
+++ b/src/helpers/esp32/TCPConsole.h
@ -34,7 +34,7 @@ class TCPConsole {
  void disconnectClient(int i) {
    _clients[i].stop();
    _authenticated[i] = false;
-    _cmd_buf[i][0] = 0;
+    memset(_cmd_buf[i], 0, sizeof(_cmd_buf[i]));
    _cmd_len[i] = 0;
  }

@ -43,7 +43,7 @@ public:
    : _server(TCP_CONSOLE_PORT), _prefs(prefs) {
    for (int i = 0; i < TCP_CONSOLE_MAX_CLIENTS; i++) {
      _authenticated[i] = false;
-      _cmd_buf[i][0] = 0;
+      memset(_cmd_buf[i], 0, sizeof(_cmd_buf[i]));
      _cmd_len[i] = 0;
      _last_active[i] = 0;
    }
@ -62,17 +62,23 @@ public:
    // Accept new clients
    WiFiClient newClient = _server.available();
    if (newClient) {
+      bool found = false;
      for (int i = 0; i < TCP_CONSOLE_MAX_CLIENTS; i++) {
        if (!_clients[i] || !_clients[i].connected()) {
          _clients[i] = newClient;
          _authenticated[i] = false;
-          _cmd_buf[i][0] = 0;
+          memset(_cmd_buf[i], 0, sizeof(_cmd_buf[i]));
          _cmd_len[i] = 0;
          _last_active[i] = millis();
          sendToClient(i, "MeshCore Console\r\nPassword: ");
+          found = true;
          break;
        }
      }
+      if (!found) {
+        newClient.print("Server busy. Try again later.\r\n");
+        newClient.stop();
+      }
    }

    // Handle connected clients
@ -109,8 +115,11 @@ public:
        _cmd_buf[i][_cmd_len[i]] = 0;

        if (!_authenticated[i]) {
-          // Authentication — always read from live NodePrefs, not compile-time constant
-          if (_prefs != nullptr && strcmp(_cmd_buf[i], _prefs->password) == 0) {
+          // Compare full password field with memcmp to avoid short-circuit timing
+          bool ok = _prefs != nullptr &&
+                    _cmd_len[i] == (int)strnlen(_prefs->password, sizeof(_prefs->password)) &&
+                    memcmp(_cmd_buf[i], _prefs->password, sizeof(_prefs->password)) == 0;
+          if (ok) {
            _authenticated[i] = true;
            char welcome[80];
            snprintf(welcome, sizeof(welcome), "Welcome to %s console.\r\n> ", _prefs->node_name);
@ -134,7 +143,7 @@ public:
          sendToClient(i, "> ");
        }

-        _cmd_buf[i][0] = 0;
+        memset(_cmd_buf[i], 0, sizeof(_cmd_buf[i]));
        _cmd_len[i] = 0;
      }
    }