Coder Social home page Coder Social logo

blackmutzi / alexa-avs-prototype Goto Github PK

View Code? Open in Web Editor NEW
3.0 2.0 1.0 1.08 MB

Alexa Voice Service (AVS) client in C++ for raspberry pi or any Linux Distribution

License: GNU General Public License v3.0

QMake 0.35% C++ 99.65%
alexa-voice-service prototype linux linux-distribution raspberry-pi alexa-app testing qt-creator cpp11 doxygen travis-ci

alexa-avs-prototype's Introduction

N|Solid

alexa-avs-prototype (c++) travis

Alexa Voice Service (AVS) client in c++ for raspberry pi or any Linux Distribution. Project tested on Gentoo(x86_64) and Raspbian(arm).

The Prototype is deprecated use alexa-sdk-framewok/alexa-amazon-client, is already released and has more improvment.

what you need?

  • A Linux Distribution with PulseAudio Support.
  • Amazon Developer Account.
  • Follow the steps here to create a security profile.
  • And a WakeWordEngine Client from here.

download && build

git clone https://github.com/blackmutzi/alexa-avs-prototype
cd ./alexa-avs-prototype
qmake ./src/alexa-avs-prototype.pro
make

avs-configuration

first Step

go to config directory and modify ./src/config/config.json file

cd ./alexa-avs-prototype/src/config/
nano config.json 

{
 "client_id":" YOUR_CLIENT_ID_HERE ",
 "client_secret":" YOUR_CLIENT_SECRET_ID_HERE ",
 "code_grant":" YOUR_CODE_GRANT_HERE",
 "product_id":" YOUR_PRODUCT_NAME_HERE ",
 "redirect_uri":"https://localhost:3000/authresponse",
 "refresh_token":"AVS-CLIENT_SET_TOKEN_AUTOMATIC"
}

and write client_id, client_secret and product_id into the config. ( @see amazon-security-profile )

second Step

start now prototype ...

./alexa-avs-prototype

the avs-client show you a link, copy it in your Browser. Login Now ..

and get the grant code, save the grant code in the ./alexa-avs-prototype/src/config/config.json file, finish.

depends installing ( debian )

install:
  - sudo apt-get install libcurl4-gnutls-dev
  - sudo apt-get install libboost-all-dev
  - sudo apt-get install gcc-4.9
  - sudo apt-get install g++-4.9
  - sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-4.9 100
  - sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-4.9 100
  - sudo add-apt-repository -y "deb http://de.archive.ubuntu.com/ubuntu artful main restricted universe multiverse"
  - sudo apt-get update -qq
  - sudo apt-get install libnghttp2-dev
  - sudo apt-get install libevent-dev
  - sudo apt-get install libmp3lame-dev
  - sudo apt-get install libssl-dev
  - sudo apt-get install libasound2-dev

alexa-avs-prototype's People

Contributors

blackmutzi avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar

Forkers

cliffsdover

alexa-avs-prototype's Issues

Academic research on vulnerable c++ code snippet

Dear Stefan M.,
We are a group of Academic researchers. We are analyzing vulnerable C++ code snippets migrated from StackOverflow to GitHub. Our research will be published in Academic publications and will not be used in any Industrial application.
We noted a vulnerable code snippet in your repository that was most likely copied from Stack Overflow. The vulnerability exists in this source code file of your repository.

Please verify our report here with regards to the above vulnerability to assist you.
Link to report with four questions for you related to the vulnerability (should not take more than 5 minutes to answer).

Here is a summary of the vulnerable code snippet:

Description:

If current_index or current_index + sizeof(T) get larger than size of vec, information leakage can occur.

static T get_from_vector(const std::vector<uint8_t>& vec, const size_t current_index){

example:

int main(){
std::vector<uint8_t> vec {0x01, 0x05};
auto byte1 = get_from_vector<uint8_t>(vec, 10);
auto byte2 = get_from_vector<uint16_t>(vec, 20);
auto byte4 = get_from_vector<uint32_t>(vec, 50);
auto byte8 = get_from_vector<uint64_t>(vec, 32);
printf("%x - %x -%x -%x",byte1,byte2,byte4,byte8);
}

output it's being like this:

0 - 0 -0 -382d3531

Mitigation:

Validate size of current_index + sizeof(T) to always be in the boundary of vec.

Please verify our report here with regards to the above vulnerability to assist you.
Link to report with four questions for you related to the vulnerability (should not take more than 5 minutes to answer).

Sincerely yours,
Morteza Verdi, Shiraz university, E-mail: [email protected]
Jafar Akhondali, Shiraz university, E-mail: [email protected]
Ashkan Sami, Shiraz university, E-mail: [email protected]
Foutse Khomh, Polytechnique Montreal, E-mail: [email protected], website: http://www.khomh.net/
Gias Uddin, Polytechnique Montreal, E-mail: [email protected], website: https://giasuddin.github.io
Alireza Karami motlagh, Shahid Chamran University, E-mail: [email protected]

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.