XML AddressSpace parser fails on Empty ExtendedObject Body subNodes
Description
The XML AddressSpace parsing (sopc_uanodeset_loader.c file) does not apply the same rules for non-defined ExtendedObject Body subNodes and for empty ones (Eg for EURange):
-
uax:Range</uax:Range> is accepted and uses the default value for
Lowandhigh(0.0) - uax:Range<uax:Low /></uax:Range> fails (with no real explicit message, except for ExtendedObject block line in source XML file, making the issue obscure for user)
Code version and environment identification
e2febefcc11936f1f4cfadfdb664bed58795c8b3 (1.6.0*)
Steps to reproduce
Use this configuraiton:
<UAVariable NodeId="s=A_EURange" BrowseName="EURange" DataType="i=884">
<DisplayName>EURange</DisplayName>
<Description>EURange</Description>
<References>
<Reference ReferenceType="HasTypeDefinition">i=68</Reference>
</References>
<Value>
<uax:ListOfExtensionObject>
<uax:ExtensionObject>
<uax:TypeId>
<uax:Identifier>i=884</uax:Identifier>
</uax:TypeId>
<uax:Body>
<uax:Range>
<uax:Low />
<uax:High></uax:High>
</uax:Range>
</uax:Body>
</uax:ExtensionObject>
</uax:ListOfExtensionObject>
</Value>
</UAVariable>Analysis
In sopc_uanodeset_loader.c: see functions set_variant_value_extobj_range and similars on ExtensionObject Value parsing.
- When returning
false, no context is provided -
if (result && highTagCtx->set)implies a difference between unset tags and undefined tags.
Security impact
None (Software won't start)
Possible fixes
- Add context for each problem in all ExtendedObjects parserse
- Replace by
if (result && highTagCtx->set && (*highTagCtx->single_value) != 0)(for example) in all reads where the interpretation of the content may fail for an empty node (relying onSOPC_strtodoubleandSOPC_strtoint)
Note : this only applies to Extended Object parsing (it is not expected that an empty NodeId could work)