meshcore-dev/MeshCore
1
0
Fork 0
mirror of https://github.com/meshcore-dev/MeshCore.git synced 2026-04-20 22:13:47 +00:00
Code Issues Projects Releases Packages Wiki Activity

security/fix: Final review corrections for Ethernet runtime config

Browse source 
Security fixes:
- IP validation: bounds checking for octets (0-255)
- ETH.config() return value now checked with distinct logging
- set ip 0.0.0.0 now enables DHCP (was rejected before)

Documentation:
- Fixed typo: 'thevalue' → 'the value'
- Added missing: advert.zerohop command documentation
- Clarified IP configuration behavior (DHCP, ETH_STATIC_IP fallback, reset to DHCP)

All identified issues addressed or documented as out-of-scope.
PR #2260 ready for maintainer review.
This commit is contained in:
Piero Andreini 2026-04-06 22:30:52 +02:00
parent ce1b760b29
commit b1d7edc1e7
11 changed files with 55 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

45
src/helpers/esp32/TEthEliteBoard.cpp
View file

@ -8,6 +8,7 @@
#include "TEthEliteBoard.h"
#include "target.h"
#include "helpers/ui/MomentaryButton.h"
#include <esp_task_wdt.h>
extern MomentaryButton user_btn;
@ -130,30 +131,26 @@ void TEthEliteBoard::startEthernet() {
ETH.begin(ETH_PHY_W5500, ETH_ADDR, ETH_CS, ETH_INT, -1, SPI2_HOST, ETH_SCLK, ETH_MISO, ETH_MOSI);
delay(100);
#ifndef USE_ETHERNET
// Used only if USE_ETHERNET is not enabled
#ifdef ETH_STATIC_IP
IPAddress ip(ETH_STATIC_IP);
IPAddress gw(ETH_GATEWAY);
IPAddress mask(ETH_SUBNET);
IPAddress dns(ETH_DNS);
ETH.config(ip, gw, mask, dns);
#endif
#endif
unsigned long t0 = millis();
while (!ETH.linkUp() && millis() - t0 < 5000) {
esp_task_wdt_reset();
delay(100);
}
t0 = millis();
while (ETH.localIP() == IPAddress(0, 0, 0, 0) && millis() - t0 < 5000) {
esp_task_wdt_reset();
delay(100);
}
if (ETH.localIP() == IPAddress(0, 0, 0, 0)) {
#ifdef ETH_STATIC_IP
Serial.println("DHCP timeout, using static IP from build flags");
ETH.config(IPAddress(ETH_STATIC_IP), IPAddress(ETH_GATEWAY), IPAddress(ETH_SUBNET), IPAddress(ETH_DNS));
#else
Serial.println("DHCP timeout, using fallback IP");
ETH.config(IPAddress(192, 168, 4, 2), IPAddress(192, 168, 4, 1), IPAddress(255, 255, 255, 0));
#endif
}
eth_local_ip = ETH.localIP().toString(); // save IP for OTA use
@ -164,30 +161,40 @@ void TEthEliteBoard::startEthernet() {
Serial.print("ETH IP "); Serial.println(ETH.localIP());
Serial.println(ETH.linkUp() ? "ETH LINK UP" : "ETH LINK DOWN");
}
void TEthEliteBoard::reconfigureEthernet(uint32_t ip, uint32_t gw, uint32_t subnet) {
void TEthEliteBoard::reconfigureEthernet(uint32_t ip, uint32_t gw, uint32_t subnet, uint32_t dns1) {
if (ip != 0) {
uint8_t b1 = (ip >> 24) & 0xFF;
uint8_t b2 = (ip >> 16) & 0xFF;
uint8_t b3 = (ip >> 8) & 0xFF;
uint8_t b4 = ip & 0xFF;
uint8_t gw1 = (gw >> 24) & 0xFF;
uint8_t gw2 = (gw >> 16) & 0xFF;
uint8_t gw3 = (gw >> 8) & 0xFF;
uint8_t gw4 = gw & 0xFF;
uint8_t sub1 = (subnet >> 24) & 0xFF;
uint8_t sub2 = (subnet >> 16) & 0xFF;
uint8_t sub3 = (subnet >> 8) & 0xFF;
uint8_t sub4 = subnet & 0xFF;
ETH.config(
uint8_t dns_1 = (dns1 >> 24) & 0xFF;
uint8_t dns_2 = (dns1 >> 16) & 0xFF;
uint8_t dns_3 = (dns1 >> 8) & 0xFF;
uint8_t dns_4 = dns1 & 0xFF;
bool ok = ETH.config(
IPAddress(b1, b2, b3, b4),
IPAddress(gw1, gw2, gw3, gw4),
IPAddress(sub1, sub2, sub3, sub4)
IPAddress(sub1, sub2, sub3, sub4),
IPAddress(dns_1, dns_2, dns_3, dns_4)
);
Serial.printf("ETH reconfigured to %d.%d.%d.%d\n", b1, b2, b3, b4);
eth_local_ip = ETH.localIP().toString(); // Aggiorna IP locale per OTA
if (ok) {
Serial.printf("ETH reconfigured to %d.%d.%d.%d\n", b1, b2, b3, b4);
} else {
Serial.println("ETH reconfigure failed");
}
eth_local_ip = ETH.localIP().toString();
}
}
#endif