From e28d40aa0a1fd814a0193f6a17f5e29c19f2cfa2 Mon Sep 17 00:00:00 2001 From: yudechen Date: Thu, 17 Nov 2022 15:25:33 +0800 Subject: [PATCH] fix: fix some defects. Signed-off-by: yudechen Change-Id: Ifcba58db1dfe58e22aa652abc5399d8e24e5413b --- src/syscap_tool.c | 43 +++++++++++++++++++++++++++++++------------ 1 file changed, 31 insertions(+), 12 deletions(-) diff --git a/src/syscap_tool.c b/src/syscap_tool.c index ff3e461..54193ff 100644 --- a/src/syscap_tool.c +++ b/src/syscap_tool.c @@ -40,6 +40,7 @@ typedef struct RequiredProductCompatibilityIDHead { #define PCID_OUT_BUFFER RPCID_OUT_BUFFER #define BYTES_OF_OS_SYSCAP 120 #define U32_TO_STR_MAX_LEN 11 +#define STRING_FORMAT_LEN_MAX 1024 #define PRINT_ERR(...) \ do { \ @@ -115,12 +116,12 @@ static int32_t ConvertedContextSaveAsFile(char *outDirPath, const char *filename char path[PATH_MAX + 1] = {0x00}; #ifdef _POSIX_ - if (strlen(outDirPath) > PATH_MAX || strncpy_s(path, PATH_MAX, outDirPath, strlen(outDirPath)) != EOK) { + if (strlen(outDirPath) >= PATH_MAX || strncpy_s(path, PATH_MAX, outDirPath, strlen(outDirPath)) != EOK) { PRINT_ERR("get path(%s) failed\n", outDirPath); return -1; } #else - if (strlen(outDirPath) > PATH_MAX || realpath(outDirPath, path) == NULL) { + if (strlen(outDirPath) >= PATH_MAX || realpath(outDirPath, path) == NULL) { PRINT_ERR("get file(%s) real path failed\n", outDirPath); return -1; } @@ -162,9 +163,9 @@ static int32_t ConvertedContextSaveAsFile(char *outDirPath, const char *filename static cJSON *CreateWholeSyscapJsonObj(void) { - size_t numOfSyscapAll = sizeof(g_arraySyscap) / sizeof(SyscapWithNum); + size_t allSyscapNum = sizeof(g_arraySyscap) / sizeof(SyscapWithNum); cJSON *root = cJSON_CreateObject(); - for (size_t i = 0; i < numOfSyscapAll; i++) { + for (size_t i = 0; i < allSyscapNum; i++) { cJSON_AddItemToObject(root, g_arraySyscap[i].str, cJSON_CreateNumber(g_arraySyscap[i].num)); } return root; @@ -281,6 +282,10 @@ static int32_t ParseRpcidToJson(char *input, uint32_t inputLen, cJSON *rpcidJson uint32_t i; int32_t ret = 0; uint16_t sysCapLength = NtohsInter(*(uint16_t *)(input + sizeof(uint32_t))); + if (sysCapLength > inputLen - sizeof(uint32_t)) { + PRINT_ERR("Get sysCapLength(%u) error, inputLen = %u\n", sysCapLength, inputLen); + return -1; + } uint16_t sysCapCount = sysCapLength / SINGLE_FEAT_LEN; char *sysCapBegin = input + sizeof(RPCIDHead) + sizeof(uint32_t); RPCIDHead *rpcidHeader = (RPCIDHead *)input; @@ -421,7 +426,6 @@ int32_t EncodeRpcidscToString(char *inputFile, char *outDirPath) int32_t ret = 0; int32_t sysCapArraySize; uint32_t bufferLen, i; - uint16_t indexOs = 0; uint16_t indexPri = 0; uint16_t *osSysCapIndex; char *contextBuffer = NULL; @@ -475,8 +479,9 @@ int32_t EncodeRpcidscToString(char *inputFile, char *outDirPath) 0, (size_t)(sysCapArraySize * SINGLE_SYSCAP_LEN)); priSyscap = priSyscapArray; // part os syscap and ptivate syscap - for (i = 0; i < (uint32_t)sysCapArraySize; i++) { - cJSON *cJsonItem = cJSON_GetArrayItem(sysCapArray, (int)i); + uint16_t indexOs = 0; + for (int i = 0; i < sysCapArraySize; i++) { + cJSON *cJsonItem = cJSON_GetArrayItem(sysCapArray, i); cJsonTemp = cJSON_GetObjectItem(sysCapDefine, cJsonItem->valuestring); if (cJsonTemp != NULL) { osSysCapIndex[indexOs++] = (uint16_t)(cJsonTemp->valueint); @@ -557,7 +562,7 @@ int32_t SeparateSyscapFromString(const char *inputString, uint32_t *osArray, uin { int32_t ret = 0; uint32_t i; - size_t inputLen = strlen(inputString); + uint32_t count = 0; char *temp = NULL; char *tok = NULL; @@ -568,7 +573,16 @@ int32_t SeparateSyscapFromString(const char *inputString, uint32_t *osArray, uin } // copy to temp string input - char *input = (char *)malloc(strlen(inputString) + 1); + if (inputString == NULL) { + PRINT_ERR("inputString is null.\n"); + return -1; + } + size_t inputLen = strlen(inputString); + if (inputLen > STRING_FORMAT_LEN_MAX) { + PRINT_ERR("input string too long(%zu).\n", inputLen); + return -1; + } + char *input = (char *)malloc(inputLen + 1); if (input == NULL) { PRINT_ERR("malloc failed.\n"); return -1; @@ -650,6 +664,7 @@ int32_t ComparePcidWithRpcidString(char *pcidFile, char *rpcidFile, uint32_t typ bool priSysFound; uint32_t pcidOsAarry[PCID_OUT_BUFFER] = {0}; uint32_t rpcidOsAarry[PCID_OUT_BUFFER] = {0}; + const size_t allSyscapNum = sizeof(g_arraySyscap) / sizeof(SyscapWithNum); if (type == TYPE_FILE) { if (GetFileContext(pcidFile, &pcidContent, &pcidContentLen)) { @@ -692,9 +707,13 @@ int32_t ComparePcidWithRpcidString(char *pcidFile, char *rpcidFile, uint32_t typ continue; } for (uint8_t k = 0; k < INT_BIT; k++) { - if (temp2 & (0x1 << k)) { - // 2, header of pcid & rpcid - printf("Missing: %s\n", g_arraySyscap[(i - 2) * INT_BIT + k].str); + if (!(temp2 & (0x1 << k))) { + continue; + } + // 2, header of pcid & rpcid + size_t pos = (size_t)((i - 2) * INT_BIT + k); + if (pos < allSyscapNum) { + printf("Missing: %s\n", g_arraySyscap[pos].str); ossyscapFlag += 1; } } -- Gitee