remove some coverity errors

src/server/ua_server.c

@@ -35,7 +35,12 @@ static void UA_ExternalNamespace_deleteMembers(UA_ExternalNamespace *ens) {
 /*****************/
 
 void UA_Server_addNetworkLayer(UA_Server *server, UA_ServerNetworkLayer networkLayer) {
-    server->nls = UA_realloc(server->nls, sizeof(UA_ServerNetworkLayer)*(server->nlsSize+1));
+    UA_ServerNetworkLayer *newlayers = UA_realloc(server->nls, sizeof(UA_ServerNetworkLayer)*(server->nlsSize+1));
+    if(!newlayers) {
+        UA_LOG_ERROR(server->logger, UA_LOGGERCATEGORY_SERVER, "Networklayer added");
+        return;
+    }
+    server->nls = newlayers;
     server->nls[server->nlsSize] = networkLayer;
     server->nlsSize++;
     UA_LOG_INFO(server->logger, UA_LOGGERCATEGORY_SERVER, "Networklayer added");
@@ -115,22 +120,22 @@ UA_Server * UA_Server_new(void) {
     LIST_INIT(&server->timedWork);
 #ifdef UA_MULTITHREADING
     rcu_init();
-	cds_wfcq_init(&server->dispatchQueue_head, &server->dispatchQueue_tail);
+    cds_wfcq_init(&server->dispatchQueue_head, &server->dispatchQueue_tail);
     server->delayedWork = UA_NULL;
 #endif
 
     // logger
-    server->logger = (UA_Logger){UA_NULL, UA_NULL, UA_NULL, UA_NULL, UA_NULL, UA_NULL};
+    server->logger = (UA_Logger){ UA_NULL, UA_NULL, UA_NULL, UA_NULL, UA_NULL, UA_NULL };
 
     // random seed
-    server->random_seed = (UA_UInt32) UA_DateTime_now();
+    server->random_seed = (UA_UInt32)UA_DateTime_now();
 
     // networklayers
     server->nls = UA_NULL;
     server->nlsSize = 0;
 
     UA_ByteString_init(&server->serverCertificate);
-        
+
     // mockup application description
     UA_ApplicationDescription_init(&server->description);
     UA_String_copycstring("urn:unconfigured:open62541:application", &server->description.productUri);
@@ -148,8 +153,8 @@ UA_Server * UA_Server_new(void) {
     UA_String_copycstring("http://opcfoundation.org/UA/SecurityPolicy#None", &endpoint->securityPolicyUri);
     UA_String_copycstring("http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary", &endpoint->transportProfileUri);
 
-    endpoint->userIdentityTokensSize = 1;
     endpoint->userIdentityTokens = UA_malloc(sizeof(UA_UserTokenPolicy));
+    endpoint->userIdentityTokensSize = 1;
     UA_UserTokenPolicy_init(endpoint->userIdentityTokens);
     UA_String_copycstring("my-anonymous-policy", &endpoint->userIdentityTokens->policyId); // defined per server
     endpoint->userIdentityTokens->tokenType = UA_USERTOKENTYPE_ANONYMOUS;

src/server/ua_server_addressspace.c

@@ -101,7 +101,7 @@ static UA_StatusCode addOneWayReferenceWithSession(UA_Server *server, UA_Session
         deleteNode = (void (*)(UA_Node*))UA_ViewNode_delete;
         break;
     default:
-        UA_assert(UA_FALSE);
+        return UA_STATUSCODE_BADINTERNALERROR;
     }
 
     UA_Int32 count = node->referencesSize;

src/server/ua_server_binary.c

@@ -16,7 +16,7 @@
 static UA_StatusCode UA_ByteStringArray_deleteMembers(UA_ByteStringArray *stringarray) {
     if(!stringarray)
         return UA_STATUSCODE_BADINTERNALERROR;
-    for(UA_UInt32 i = 0;i < stringarray->stringsSize;i++)
+    for(UA_UInt32 i = 0; i < stringarray->stringsSize; i++)
         UA_String_deleteMembers(&stringarray->strings[i]);
     return UA_STATUSCODE_GOOD;
 }
@@ -28,29 +28,31 @@ static void processHEL(UA_Connection *connection, const UA_ByteString *msg, size
         return;
     }
 
-    connection->remoteConf.maxChunkCount   = helloMessage.maxChunkCount;
-    connection->remoteConf.maxMessageSize  = helloMessage.maxMessageSize;
+    connection->remoteConf.maxChunkCount = helloMessage.maxChunkCount;
+    connection->remoteConf.maxMessageSize = helloMessage.maxMessageSize;
     connection->remoteConf.protocolVersion = helloMessage.protocolVersion;
-    connection->remoteConf.recvBufferSize  = helloMessage.receiveBufferSize;
-    connection->remoteConf.sendBufferSize  = helloMessage.sendBufferSize;
-    connection->state                      = UA_CONNECTION_ESTABLISHED;
+    connection->remoteConf.recvBufferSize = helloMessage.receiveBufferSize;
+    connection->remoteConf.sendBufferSize = helloMessage.sendBufferSize;
+    connection->state = UA_CONNECTION_ESTABLISHED;
 
     // build acknowledge response
     UA_TcpAcknowledgeMessage ackMessage;
-    ackMessage.protocolVersion   = connection->localConf.protocolVersion;
+    ackMessage.protocolVersion = connection->localConf.protocolVersion;
     ackMessage.receiveBufferSize = connection->localConf.recvBufferSize;
-    ackMessage.sendBufferSize    = connection->localConf.sendBufferSize;
-    ackMessage.maxMessageSize    = connection->localConf.maxMessageSize;
-    ackMessage.maxChunkCount     = connection->localConf.maxChunkCount;
+    ackMessage.sendBufferSize = connection->localConf.sendBufferSize;
+    ackMessage.maxMessageSize = connection->localConf.maxMessageSize;
+    ackMessage.maxChunkCount = connection->localConf.maxChunkCount;
 
     UA_TcpMessageHeader ackHeader;
     ackHeader.messageTypeAndFinal = UA_MESSAGETYPEANDFINAL_ACKF;
     ackHeader.messageSize = UA_TcpAcknowledgeMessage_calcSizeBinary(&ackMessage) +
-                            UA_TcpMessageHeader_calcSizeBinary(&ackHeader);
+        UA_TcpMessageHeader_calcSizeBinary(&ackHeader);
 
     // The message is on the stack. That's ok since ack is very small.
-    UA_ByteString ack_msg = (UA_ByteString){ .length = ackHeader.messageSize,
-                                             .data = UA_alloca(ackHeader.messageSize) };
+    UA_ByteString ack_msg = (UA_ByteString){
+        .length = ackHeader.messageSize,
+            .data = UA_alloca(ackHeader.messageSize)
+    };
     size_t tmpPos = 0;
     UA_TcpMessageHeader_encodeBinary(&ackHeader, &ack_msg, &tmpPos);
     UA_TcpAcknowledgeMessage_encodeBinary(&ackMessage, &ack_msg, &tmpPos);
@@ -61,7 +63,7 @@ static void processHEL(UA_Connection *connection, const UA_ByteString *msg, size
 }
 
 static void processOPN(UA_Connection *connection, UA_Server *server, const UA_ByteString *msg,
-                        size_t *pos) {
+                       size_t *pos) {
     if(connection->state != UA_CONNECTION_ESTABLISHED) {
         connection->close(connection);
         return;
@@ -106,8 +108,10 @@ static void processOPN(UA_Connection *connection, UA_Server *server, const UA_By
         + UA_NodeId_calcSizeBinary(&responseType)
         + UA_OpenSecureChannelResponse_calcSizeBinary(&p);
 
-    UA_ByteString resp_msg = (UA_ByteString){ .length = respHeader.messageHeader.messageSize,
-                                              .data = UA_alloca(respHeader.messageHeader.messageSize) };
+    UA_ByteString resp_msg = (UA_ByteString){
+        .length = respHeader.messageHeader.messageSize,
+            .data = UA_alloca(respHeader.messageHeader.messageSize)
+    };
 
     size_t tmpPos = 0;
     UA_SecureConversationMessageHeader_encodeBinary(&respHeader, &resp_msg, &tmpPos);
@@ -123,10 +127,10 @@ static void processOPN(UA_Connection *connection, UA_Server *server, const UA_By
 }
 
 static void init_response_header(const UA_RequestHeader *p, UA_ResponseHeader *r) {
-    r->requestHandle   = p->requestHandle;
-    r->serviceResult   = UA_STATUSCODE_GOOD;
+    r->requestHandle = p->requestHandle;
+    r->serviceResult = UA_STATUSCODE_GOOD;
     r->stringTableSize = 0;
-    r->timestamp       = UA_DateTime_now();
+    r->timestamp = UA_DateTime_now();
 }
 
 // if the message is small enough, we allocate it on the stack and save a malloc
@@ -136,7 +140,7 @@ static void init_response_header(const UA_RequestHeader *p, UA_ResponseHeader *r
             messageOnStack = UA_TRUE;                                   \
             *MESSAGE = (UA_ByteString){.length = messageSize,           \
                                        .data = UA_alloca(messageSize)}; \
-        } else                                                          \
+                        } else                                                          \
             UA_ByteString_newMembers(MESSAGE, messageSize);             \
     } while(0)
 
@@ -161,37 +165,39 @@ static void processMSG(UA_Connection *connection, UA_Server *server, const UA_By
     UA_UInt32_decodeBinary(msg, pos, &secureChannelId);
 
     UA_SecureChannel *clientChannel = connection->channel;
-    UA_Session *clientSession = UA_NULL;
+    UA_SecureChannel anonymousChannel;
+    if(!clientChannel) {
+        UA_SecureChannel_init(&anonymousChannel);
+        clientChannel = &anonymousChannel;
+    }
 #ifdef EXTENSION_STATELESS
-    UA_SecureChannel dummyChannel;
-    UA_SecureChannel_init(&dummyChannel);
-    if(secureChannelId == 0 || !clientChannel){
-        clientChannel = &dummyChannel;
+    if(secureChannelId == 0)
         clientSession = &anonymousSession;
-    } 
 #endif
-    if(!clientSession && clientChannel)
-        clientSession = clientChannel->session;
+
+    UA_Session *clientSession = clientChannel->session;
 
     // 2) Read the security header
     UA_UInt32 tokenId;
-    UA_UInt32_decodeBinary(msg, pos, &tokenId);
     UA_SequenceHeader sequenceHeader;
-    if(UA_SequenceHeader_decodeBinary(msg, pos, &sequenceHeader))
+    UA_StatusCode retval = UA_UInt32_decodeBinary(msg, pos, &tokenId);
+    retval |= UA_SequenceHeader_decodeBinary(msg, pos, &sequenceHeader);
+    if(retval != UA_STATUSCODE_GOOD)
         return;
 
-    clientChannel->sequenceNumber = sequenceHeader.sequenceNumber;
-    clientChannel->requestId = sequenceHeader.requestId;
-    // todo
     //UA_SecureChannel_checkSequenceNumber(channel,sequenceHeader.sequenceNumber);
     //UA_SecureChannel_checkRequestId(channel,sequenceHeader.requestId);
+    if(clientChannel) {
+        clientChannel->sequenceNumber = sequenceHeader.sequenceNumber;
+        clientChannel->requestId = sequenceHeader.requestId;
+    }
 
     // 3) Read the nodeid of the request
     UA_NodeId requestType;
     if(UA_NodeId_decodeBinary(msg, pos, &requestType))
         return;
     if(requestType.identifierType != UA_NODEIDTYPE_NUMERIC) {
-        // if the nodeidtype is numeric, we do not have to free anything
+        // That must not happen. The requestType does not have to be deleted at the end.
         UA_NodeId_deleteMembers(&requestType);
         return;
     }
@@ -199,156 +205,134 @@ static void processMSG(UA_Connection *connection, UA_Server *server, const UA_By
     // 4) process the request
     UA_ByteString responseBufs[2]; // 0->header, 1->response payload
     UA_UInt32 responseType;
-    UA_ByteString *header     = &responseBufs[0];
-    UA_ByteString *message    = &responseBufs[1];
+    UA_ByteString *header = &responseBufs[0];
+    UA_ByteString *message = &responseBufs[1];
     UA_Boolean messageOnStack = UA_FALSE;
-    size_t sendOffset      = 0;
+    size_t sendOffset = 0;
 
 #ifdef EXTENSION_STATELESS
-    //only some calls allow to be stateless
-    if(clientSession == &anonymousSession) {
-    	//subtract UA_ENCODINGOFFSET_BINARY for binary encoding
-    	switch(requestType.identifier.numeric - UA_ENCODINGOFFSET_BINARY) {
-    	case UA_NS0ID_READREQUEST:
-    		INVOKE_SERVICE(Read);
-    		break;
-
-    	case UA_NS0ID_WRITEREQUEST:
-    		INVOKE_SERVICE(Write);
-    		break;
-
-    	case UA_NS0ID_BROWSEREQUEST:
-    		INVOKE_SERVICE(Browse);
-    		break;
-
-    	default: {
-    		printf("SL_processMessage - stateless call for an unknown or not allowed request, namespace=%d, request=%d\n",
-    				requestType.namespaceIndex, requestType.identifier.numeric);
-    		UA_RequestHeader  p;
-    		UA_ResponseHeader r;
-    		if(UA_RequestHeader_decodeBinary(msg, pos, &p))
-                return;
-    		UA_ResponseHeader_init(&r);
-    		init_response_header(&p, &r);
-    		r.serviceResult = UA_STATUSCODE_BADSERVICEUNSUPPORTED;
-    		ALLOC_MESSAGE(message, UA_ResponseHeader_calcSizeBinary(&r));
-    		UA_ResponseHeader_encodeBinary(&r, message, &sendOffset);
-    		UA_RequestHeader_deleteMembers(&p);
-    		UA_ResponseHeader_deleteMembers(&r);
-    		responseType = UA_NS0ID_RESPONSEHEADER + UA_ENCODINGOFFSET_BINARY; }
-            break;
-    	}
-    } else {
-#endif
-    	//non-stateless service calls
-    	//subtract UA_ENCODINGOFFSET_BINARY for binary encoding
-    	switch(requestType.identifier.numeric - UA_ENCODINGOFFSET_BINARY) {
-    	case UA_NS0ID_GETENDPOINTSREQUEST: {
-    		UA_GetEndpointsRequest  p;
-    		UA_GetEndpointsResponse r;
-    		if(UA_GetEndpointsRequest_decodeBinary(msg, pos, &p))
-                return;
-    		UA_GetEndpointsResponse_init(&r);
-    		init_response_header(&p.requestHeader, &r.responseHeader);
-    		Service_GetEndpoints(server, &p, &r);
-    		ALLOC_MESSAGE(message, UA_GetEndpointsResponse_calcSizeBinary(&r));
-    		UA_GetEndpointsResponse_encodeBinary(&r, message, &sendOffset);
-    		UA_GetEndpointsRequest_deleteMembers(&p);
-    		UA_GetEndpointsResponse_deleteMembers(&r);
-    		responseType = requestType.identifier.numeric + 3;
-    		break;
-    	}
-
-    	case UA_NS0ID_CREATESESSIONREQUEST: {
-    		UA_CreateSessionRequest  p;
-    		UA_CreateSessionResponse r;
-            if(UA_CreateSessionRequest_decodeBinary(msg, pos, &p))
-                return;
-    		UA_CreateSessionResponse_init(&r);
-    		init_response_header(&p.requestHeader, &r.responseHeader);
-    		Service_CreateSession(server, clientChannel,  &p, &r);
-    		ALLOC_MESSAGE(message, UA_CreateSessionResponse_calcSizeBinary(&r));
-    		UA_CreateSessionResponse_encodeBinary(&r, message, &sendOffset);
-    		UA_CreateSessionRequest_deleteMembers(&p);
-    		UA_CreateSessionResponse_deleteMembers(&r);
-    		responseType = requestType.identifier.numeric + 3;
-    		break;
-    	}
-
-    	case UA_NS0ID_ACTIVATESESSIONREQUEST: {
-    		UA_ActivateSessionRequest  p;
-    		UA_ActivateSessionResponse r;
-    		if(UA_ActivateSessionRequest_decodeBinary(msg, pos, &p))
-                return;
-    		UA_ActivateSessionResponse_init(&r);
-    		init_response_header(&p.requestHeader, &r.responseHeader);
-    		Service_ActivateSession(server, clientChannel,  &p, &r);
-    		ALLOC_MESSAGE(message, UA_ActivateSessionResponse_calcSizeBinary(&r));
-    		UA_ActivateSessionResponse_encodeBinary(&r, message, &sendOffset);
-    		UA_ActivateSessionRequest_deleteMembers(&p);
-    		UA_ActivateSessionResponse_deleteMembers(&r);
-    		responseType = requestType.identifier.numeric + 3;
-    		break;
-    	}
-
-    	case UA_NS0ID_CLOSESESSIONREQUEST: {
-    		UA_CloseSessionRequest  p;
-    		UA_CloseSessionResponse r;
-    		if(UA_CloseSessionRequest_decodeBinary(msg, pos, &p))
-                return;
-    		UA_CloseSessionResponse_init(&r);
-    		init_response_header(&p.requestHeader, &r.responseHeader);
-    		Service_CloseSession(server, &p, &r);
-    		ALLOC_MESSAGE(message, UA_CloseSessionResponse_calcSizeBinary(&r));
-    		UA_CloseSessionResponse_encodeBinary(&r, message, &sendOffset);
-    		UA_CloseSessionRequest_deleteMembers(&p);
-    		UA_CloseSessionResponse_deleteMembers(&r);
-    		responseType = requestType.identifier.numeric + 3;
-    		break;
-    	}
-
-    	case UA_NS0ID_READREQUEST:
-    		INVOKE_SERVICE(Read);
-    		break;
-
-    	case UA_NS0ID_WRITEREQUEST:
-    		INVOKE_SERVICE(Write);
-    		break;
-
-    	case UA_NS0ID_BROWSEREQUEST:
-    		INVOKE_SERVICE(Browse);
-    		break;
-
-    	case UA_NS0ID_ADDREFERENCESREQUEST:
-    		INVOKE_SERVICE(AddReferences);
-    		break;
-
-    	case UA_NS0ID_TRANSLATEBROWSEPATHSTONODEIDSREQUEST:
-    		INVOKE_SERVICE(TranslateBrowsePathsToNodeIds);
-    		break;
-
-    	default: {
-    		printf("SL_processMessage - unknown request, namespace=%d, request=%d\n",
-    				requestType.namespaceIndex, requestType.identifier.numeric);
-    		UA_RequestHeader  p;
-    		UA_ResponseHeader r;
-    		if(UA_RequestHeader_decodeBinary(msg, pos, &p))
-                return;
-    		UA_ResponseHeader_init(&r);
-    		init_response_header(&p, &r);
-    		r.serviceResult = UA_STATUSCODE_BADSERVICEUNSUPPORTED;
-    		ALLOC_MESSAGE(message, UA_ResponseHeader_calcSizeBinary(&r));
-    		UA_ResponseHeader_encodeBinary(&r, message, &sendOffset);
-    		UA_RequestHeader_deleteMembers(&p);
-    		UA_ResponseHeader_deleteMembers(&r);
-    		responseType = UA_NS0ID_RESPONSEHEADER + UA_ENCODINGOFFSET_BINARY;
-    	}
-    	break;
-    	}
-#ifdef EXTENSION_STATELESS
+    switch(requestType.identifier.numeric - UA_ENCODINGOFFSET_BINARY) {
+    case UA_NS0ID_READREQUEST:
+    case UA_NS0ID_WRITEREQUEST:
+    case UA_NS0ID_BROWSEREQUEST:
+        break;
+    default:
+        if(clientSession != &anonymousSession)
+            retval = UA_STATUSCODE_BADNOTCONNECTED
     }
 #endif
 
+    //subtract UA_ENCODINGOFFSET_BINARY for binary encoding, if retval is set, this forces the default path
+    switch(requestType.identifier.numeric - UA_ENCODINGOFFSET_BINARY + retval) {
+    case UA_NS0ID_GETENDPOINTSREQUEST: {
+        UA_GetEndpointsRequest  p;
+        UA_GetEndpointsResponse r;
+        if(UA_GetEndpointsRequest_decodeBinary(msg, pos, &p))
+            return;
+        UA_GetEndpointsResponse_init(&r);
+        init_response_header(&p.requestHeader, &r.responseHeader);
+        Service_GetEndpoints(server, &p, &r);
+        ALLOC_MESSAGE(message, UA_GetEndpointsResponse_calcSizeBinary(&r));
+        UA_GetEndpointsResponse_encodeBinary(&r, message, &sendOffset);
+        UA_GetEndpointsRequest_deleteMembers(&p);
+        UA_GetEndpointsResponse_deleteMembers(&r);
+        responseType = requestType.identifier.numeric + 3;
+        break;
+    }
+
+    case UA_NS0ID_CREATESESSIONREQUEST: {
+        UA_CreateSessionRequest  p;
+        UA_CreateSessionResponse r;
+        if(UA_CreateSessionRequest_decodeBinary(msg, pos, &p))
+            return;
+        UA_CreateSessionResponse_init(&r);
+        init_response_header(&p.requestHeader, &r.responseHeader);
+        Service_CreateSession(server, clientChannel, &p, &r);
+        ALLOC_MESSAGE(message, UA_CreateSessionResponse_calcSizeBinary(&r));
+        UA_CreateSessionResponse_encodeBinary(&r, message, &sendOffset);
+        UA_CreateSessionRequest_deleteMembers(&p);
+        UA_CreateSessionResponse_deleteMembers(&r);
+        responseType = requestType.identifier.numeric + 3;
+        break;
+    }
+
+    case UA_NS0ID_ACTIVATESESSIONREQUEST: {
+        UA_ActivateSessionRequest  p;
+        UA_ActivateSessionResponse r;
+        if(UA_ActivateSessionRequest_decodeBinary(msg, pos, &p))
+            return;
+        UA_ActivateSessionResponse_init(&r);
+        init_response_header(&p.requestHeader, &r.responseHeader);
+        Service_ActivateSession(server, clientChannel, &p, &r);
+        ALLOC_MESSAGE(message, UA_ActivateSessionResponse_calcSizeBinary(&r));
+        UA_ActivateSessionResponse_encodeBinary(&r, message, &sendOffset);
+        UA_ActivateSessionRequest_deleteMembers(&p);
+        UA_ActivateSessionResponse_deleteMembers(&r);
+        responseType = requestType.identifier.numeric + 3;
+        break;
+    }
+
+    case UA_NS0ID_CLOSESESSIONREQUEST: {
+        UA_CloseSessionRequest  p;
+        UA_CloseSessionResponse r;
+        if(UA_CloseSessionRequest_decodeBinary(msg, pos, &p))
+            return;
+        UA_CloseSessionResponse_init(&r);
+        init_response_header(&p.requestHeader, &r.responseHeader);
+        Service_CloseSession(server, &p, &r);
+        ALLOC_MESSAGE(message, UA_CloseSessionResponse_calcSizeBinary(&r));
+        UA_CloseSessionResponse_encodeBinary(&r, message, &sendOffset);
+        UA_CloseSessionRequest_deleteMembers(&p);
+        UA_CloseSessionResponse_deleteMembers(&r);
+        responseType = requestType.identifier.numeric + 3;
+        break;
+    }
+
+    case UA_NS0ID_READREQUEST:
+        INVOKE_SERVICE(Read);
+        break;
+
+    case UA_NS0ID_WRITEREQUEST:
+        INVOKE_SERVICE(Write);
+        break;
+
+    case UA_NS0ID_BROWSEREQUEST:
+        INVOKE_SERVICE(Browse);
+        break;
+
+    case UA_NS0ID_ADDREFERENCESREQUEST:
+        INVOKE_SERVICE(AddReferences);
+        break;
+
+    case UA_NS0ID_TRANSLATEBROWSEPATHSTONODEIDSREQUEST:
+        INVOKE_SERVICE(TranslateBrowsePathsToNodeIds);
+        break;
+
+    default: {
+        char logmsg[512];
+        sprintf(logmsg, "SL_processMessage - unknown request, namespace=%d, request=%d\n",
+                requestType.namespaceIndex, requestType.identifier.numeric);
+        UA_LOG_INFO(server->logger, UA_LOGGERCATEGORY_CONNECTION, logmsg);
+
+        UA_RequestHeader  p;
+        UA_ResponseHeader r;
+        if(UA_RequestHeader_decodeBinary(msg, pos, &p))
+            return;
+        UA_ResponseHeader_init(&r);
+        init_response_header(&p, &r);
+        if(retval == UA_STATUSCODE_GOOD)
+            r.serviceResult = UA_STATUSCODE_BADSERVICEUNSUPPORTED;
+        else
+            r.serviceResult = retval;
+        ALLOC_MESSAGE(message, UA_ResponseHeader_calcSizeBinary(&r));
+        UA_ResponseHeader_encodeBinary(&r, message, &sendOffset);
+        UA_RequestHeader_deleteMembers(&p);
+        UA_ResponseHeader_deleteMembers(&r);
+        responseType = UA_NS0ID_RESPONSEHEADER + UA_ENCODINGOFFSET_BINARY;
+        break;
+    }
+    }
+
     // 5) Build the header
     UA_SecureConversationMessageHeader respHeader;
     respHeader.messageHeader.messageTypeAndFinal = UA_MESSAGETYPEANDFINAL_MSGF;
@@ -360,10 +344,10 @@ static void processMSG(UA_Connection *connection, UA_Server *server, const UA_By
 
     UA_SequenceHeader seqHeader;
     seqHeader.sequenceNumber = clientChannel->sequenceNumber;
-    seqHeader.requestId      = clientChannel->requestId;
+    seqHeader.requestId = clientChannel->requestId;
 
     UA_NodeId response_nodeid = { .namespaceIndex = 0, .identifierType = UA_NODEIDTYPE_NUMERIC,
-                                  .identifier.numeric = responseType };
+        .identifier.numeric = responseType };
 
     UA_UInt32 headerSize =
         UA_SecureConversationMessageHeader_calcSizeBinary(&respHeader)
@@ -384,7 +368,7 @@ static void processMSG(UA_Connection *connection, UA_Server *server, const UA_By
 
     // 6) Send it over the wire.
     UA_ByteStringArray responseBufArray;
-    responseBufArray.strings     = responseBufs;
+    responseBufArray.strings = responseBufs;
     responseBufArray.stringsSize = 2;
     connection->write(connection, responseBufArray);
 
@@ -393,14 +377,14 @@ static void processMSG(UA_Connection *connection, UA_Server *server, const UA_By
 }
 
 static void processCLO(UA_Connection *connection, UA_Server *server, const UA_ByteString *msg,
-                         size_t *pos) {
+                       size_t *pos) {
     UA_UInt32 secureChannelId;
     UA_UInt32_decodeBinary(msg, pos, &secureChannelId);
 
     if(!connection->channel || connection->channel->securityToken.channelId != secureChannelId)
         return;
 
-	Service_CloseSecureChannel(server, secureChannelId);
+    Service_CloseSecureChannel(server, secureChannelId);
 }
 
 void UA_Server_processBinaryMessage(UA_Server *server, UA_Connection *connection, const UA_ByteString *msg) {
@@ -424,14 +408,15 @@ void UA_Server_processBinaryMessage(UA_Server *server, UA_Connection *connection
             break;
 
         case UA_MESSAGETYPEANDFINAL_MSGF & 0xffffff:
-#ifndef EXTENSION_STATELESS
-            if(connection->state == UA_CONNECTION_ESTABLISHED && connection->channel != UA_NULL)
-                processMSG(connection, server, msg, &pos);
-            else
-                connection->close(connection);
-#else
-                processMSG(connection, server, msg, &pos);
+#ifdef EXTENSION_STATELESS
+            processMSG(connection, server, msg, &pos);
+            break
 #endif
+                if(connection->state != UA_CONNECTION_ESTABLISHED) {
+                connection->close(connection);
+                break;
+                }
+            processMSG(connection, server, msg, &pos);
             break;
 
         case UA_MESSAGETYPEANDFINAL_CLOF & 0xffffff:
@@ -439,7 +424,7 @@ void UA_Server_processBinaryMessage(UA_Server *server, UA_Connection *connection
             connection->close(connection);
             return;
         }
-        
+
         UA_TcpMessageHeader_deleteMembers(&tcpMessageHeader);
         if(pos != targetpos) {
             printf("The message size was not as announced or the message could not be processed, skipping to the end of the message.\n");

src/server/ua_services_attribute.c

@@ -253,20 +253,21 @@ void Service_Read(UA_Server *server, UA_Session *session, const UA_ReadRequest *
         response->responseHeader.serviceResult = UA_STATUSCODE_BADNOTHINGTODO;
         return;
     }
+    size_t size = request->nodesToReadSize;
 
-    response->results = UA_Array_new(&UA_TYPES[UA_TYPES_DATAVALUE], request->nodesToReadSize);
+    response->results = UA_Array_new(&UA_TYPES[UA_TYPES_DATAVALUE], size);
     if(!response->results) {
         response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
         return;
     }
 
     /* ### Begin External Namespaces */
-    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * request->nodesToReadSize);
-    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean)*request->nodesToReadSize);
-    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * request->nodesToReadSize);
-    for(UA_Int32 j = 0;j<server->externalNamespacesSize;j++) {
-        UA_UInt32 indexSize = 0;
-        for(UA_Int32 i = 0;i < request->nodesToReadSize;i++) {
+    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * size);
+    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean) * size);
+    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * size);
+    for(size_t j = 0;j<server->externalNamespacesSize;j++) {
+        size_t indexSize = 0;
+        for(size_t i = 0;i < size;i++) {
             if(request->nodesToRead[i].nodeId.namespaceIndex != server->externalNamespaces[j].index)
                 continue;
             isExternal[i] = UA_TRUE;
@@ -281,8 +282,8 @@ void Service_Read(UA_Server *server, UA_Session *session, const UA_ReadRequest *
     }
     /* ### End External Namespaces */
 
-    response->resultsSize = request->nodesToReadSize;
-    for(UA_Int32 i = 0;i < response->resultsSize;i++) {
+    response->resultsSize = size;
+    for(size_t i = 0;i < size;i++) {
         if(!isExternal[i])
             readValue(server, &request->nodesToRead[i], &response->results[i]);
     }

src/server/ua_services_nodemanagement.c

@@ -239,20 +239,21 @@ void Service_AddNodes(UA_Server *server, UA_Session *session, const UA_AddNodesR
         response->responseHeader.serviceResult = UA_STATUSCODE_BADNOTHINGTODO;
         return;
     }
+    size_t size = request->nodesToAddSize;
 
-    response->results = UA_Array_new(&UA_TYPES[UA_TYPES_ADDNODESRESULT], request->nodesToAddSize);
+    response->results = UA_Array_new(&UA_TYPES[UA_TYPES_ADDNODESRESULT], size);
     if(!response->results) {
         response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
         return;
     }
 
     /* ### Begin External Namespaces */
-    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * request->nodesToAddSize);
-    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean)*request->nodesToAddSize);
-    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * request->nodesToAddSize);
-    for(UA_Int32 j = 0;j<server->externalNamespacesSize;j++) {
-        UA_UInt32 indexSize = 0;
-        for(UA_Int32 i = 0;i < request->nodesToAddSize;i++) {
+    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * size);
+    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean) * size);
+    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * size);
+    for(size_t j = 0;j<server->externalNamespacesSize;j++) {
+        size_t indexSize = 0;
+        for(size_t i = 0;i < size;i++) {
             if(request->nodesToAdd[i].requestedNewNodeId.nodeId.namespaceIndex != server->externalNamespaces[j].index)
                 continue;
             isExternal[i] = UA_TRUE;
@@ -267,39 +268,36 @@ void Service_AddNodes(UA_Server *server, UA_Session *session, const UA_AddNodesR
     }
     /* ### End External Namespaces */
     
-    response->resultsSize = request->nodesToAddSize;
-    for(int i = 0;i < request->nodesToAddSize;i++) {
+    response->resultsSize = size;
+    for(size_t i = 0;i < size;i++) {
         if(!isExternal[i])
             addNodeFromAttributes(server, session, &request->nodesToAdd[i], &response->results[i]);
     }
 }
 
-void Service_AddReferences(UA_Server *server, UA_Session *session,
-		const UA_AddReferencesRequest *request,
-		UA_AddReferencesResponse *response) {
-	if (request->referencesToAddSize <= 0) {
+void Service_AddReferences(UA_Server *server, UA_Session *session, const UA_AddReferencesRequest *request,
+                           UA_AddReferencesResponse *response) {
+	if(request->referencesToAddSize <= 0) {
 		response->responseHeader.serviceResult = UA_STATUSCODE_BADNOTHINGTODO;
 		return;
 	}
-	response->results = UA_malloc(
-			sizeof(UA_StatusCode) * request->referencesToAddSize);
-	if (!response->results) {
+    size_t size = request->referencesToAddSize;
+	
+    if(!(response->results = UA_malloc(sizeof(UA_StatusCode) * size))) {
 		response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
 		return;
 	}
-	response->resultsSize = request->referencesToAddSize;
-	UA_memset(response->results, UA_STATUSCODE_GOOD,
-			sizeof(UA_StatusCode) * response->resultsSize);
+	response->resultsSize = size;
+	UA_memset(response->results, UA_STATUSCODE_GOOD, sizeof(UA_StatusCode) * size);
+
 	/* ### Begin External Namespaces */
-//UA_Boolean isExternal[MAX_ADDREFERENCES_SIZE];
-	UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * request->referencesToAddSize);
-	UA_memset(isExternal, UA_FALSE,
-			sizeof(UA_Boolean) * request->referencesToAddSize);
-	UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * request->referencesToAddSize);
-	for (UA_Int32 j = 0; j < server->externalNamespacesSize; j++) {
-		UA_UInt32 indexSize = 0;
-		for (UA_Int32 i = 0; i < request->referencesToAddSize; i++) {
-			if (request->referencesToAdd[i].sourceNodeId.namespaceIndex
+	UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * size);
+	UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean) * size);
+	UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * size);
+	for(size_t j = 0; j < server->externalNamespacesSize; j++) {
+		size_t indexSize = 0;
+		for(size_t i = 0;i < size;i++) {
+			if(request->referencesToAdd[i].sourceNodeId.namespaceIndex
 					!= server->externalNamespaces[j].index)
 				continue;
 			isExternal[i] = UA_TRUE;
@@ -315,9 +313,9 @@ void Service_AddReferences(UA_Server *server, UA_Session *session,
 				response->diagnosticInfos);
 	}
 	/* ### End External Namespaces */
-	response->resultsSize = request->referencesToAddSize;
-	for (UA_Int32 i = 0; i < response->resultsSize; i++) {
-		if (!isExternal[i])
+	response->resultsSize = size;
+	for(size_t i = 0; i < response->resultsSize; i++) {
+		if(!isExternal[i])
 			UA_Server_addReference(server, &request->referencesToAdd[i]);
 	}
 }

src/server/ua_services_view.c

@@ -228,20 +228,21 @@ void Service_Browse(UA_Server *server, UA_Session *session, const UA_BrowseReque
         response->responseHeader.serviceResult = UA_STATUSCODE_BADNOTHINGTODO;
         return;
     }
+   size_t size = request->nodesToBrowseSize;
 
-   response->results = UA_Array_new(&UA_TYPES[UA_TYPES_BROWSERESULT], request->nodesToBrowseSize);
+   response->results = UA_Array_new(&UA_TYPES[UA_TYPES_BROWSERESULT], size);
     if(!response->results) {
         response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
         return;
     }
 
     /* ### Begin External Namespaces */
-    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * request->nodesToBrowseSize);
-    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean) * request->nodesToBrowseSize);
-    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * request->nodesToBrowseSize);
-    for(UA_Int32 j = 0;j<server->externalNamespacesSize;j++) {
-        UA_UInt32 indexSize = 0;
-        for(UA_Int32 i = 0;i < request->nodesToBrowseSize;i++) {
+    UA_Boolean *isExternal = UA_alloca(sizeof(UA_Boolean) * size);
+    UA_memset(isExternal, UA_FALSE, sizeof(UA_Boolean) * size);
+    UA_UInt32 *indices = UA_alloca(sizeof(UA_UInt32) * size);
+    for(size_t j = 0;j<server->externalNamespacesSize;j++) {
+        size_t indexSize = 0;
+        for(size_t i = 0;i < size;i++) {
             if(request->nodesToBrowse[i].nodeId.namespaceIndex != server->externalNamespaces[j].index)
                 continue;
             isExternal[i] = UA_TRUE;
@@ -258,8 +259,8 @@ void Service_Browse(UA_Server *server, UA_Session *session, const UA_BrowseReque
     /* ### End External Namespaces */
 
 
-    response->resultsSize = request->nodesToBrowseSize;
-    for(UA_Int32 i = 0;i < request->nodesToBrowseSize;i++){
+    response->resultsSize = size;
+    for(size_t i = 0;i < size;i++){
         if(!isExternal[i]) {
             getBrowseResult(server->nodestore, &request->nodesToBrowse[i],
                         request->requestedMaxReferencesPerNode, &response->results[i]);

src/ua_types.c

@@ -628,8 +628,10 @@ UA_StatusCode UA_Variant_copySetValue(UA_Variant *v, const void *p, const UA_Dat
     if(!new)
         return UA_STATUSCODE_BADOUTOFMEMORY;
     UA_StatusCode retval = UA_copy(p, new, type);
-    if(retval != UA_STATUSCODE_GOOD)
-        return retval;
+	if(retval != UA_STATUSCODE_GOOD) {
+		UA_delete(new, type);
+		return retval;
+	}
     return UA_Variant_setArray(v, new, 1, type);
 }