Peter M. Groen / libmodbus

Do not allow raw request length longer than the PDU size plus
the additional requested slave address byte.
Without this check modbus_send_raw_request could be used to
trigger a buffer overflow on the stack since the parameter
is passed unchecked to memcpy.

Thanks to Hanno Neuer for spotting this security flaw.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

This replaces the lengthy license text headers with a short
and standardized license tag. See http://spdx.org for details.

This is useful e.g. for license compliance tools which scan
through files and generate a report of the licenses used
in a project.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

This change has introduced by 83c34102.
Fix unit tests on some systems.

Protects against crafted write requests with a large quantity but a small
byte count. If address + quantity was in the mapping space of the server
and quantity greater than the response size, it was possible to crash
the server.

The sleep/flush sequence improves the handling of following requests.

Change API of function for libmodbus v3.2.0

- add byte timeout tests (TCP backend only)
- update and improve documentation
- long timeout values are now uint32_t so it changes the API
  to disable byte timeout

- update documentation
- 5 new tests
- updated NEWS file
- avoid include of time.h

It's strongly recommended to update your libmodbus library if you
use it in a slave/server application in a not trusted environment.

Debian package of libmodbus 3.0.4 already contains a patch to
mitigate the exploit but the patch isn't as strong than this one.

Thank you very much James Nutaro.

- change return argument from void to int
- update documentation

Thanks to Karl Palsson.

Thanks Tobias Doerffel.

Thanks to Carlos Tangerino

Thanks to Stefan Finzel for the bug report

Original patch for new connect function by Thomas Stalder.

- export new symbols to create specific behavior (RTU)
- the flag can't only be set by slaves
- new tests

Warning, modbus_receive returns 0 when a query is ignored.

- function removed from TCP and RTU code and from backend structure
- updated documentation
- updated examples

- new function _modbus_rtu_pre_check_confirmation
- new special test value to trigger an invalid response
- add unit test to cover invalid TID too

Thanks to Andrea Mattia

Add macros in libmodbus.txt and:
- modbus_get_byte_from_bits.txt
- modbus_get_float.txt
- modbus_reply.txt
- modbus_reply_exception.txt
- modbus_set_bits_from_byte.txt
- modbus_set_bits_from_bytes.txt
- modbus_set_float.txt