You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2021/02/24 07:59:28 UTC
[GitHub] [mynewt-nimble] KKopyscinski opened a new pull request #924: btshell/cmd.c: check string sizes before copy/concat operations
KKopyscinski opened a new pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] andrzej-kaczmarek commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
andrzej-kaczmarek commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583513787
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,12 +99,11 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
+ /* Valid prefixes are peer_, own_, or null. Let's copy up to 5 characters */
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ strncpy(name, prefix, 5);
Review comment:
strncpy will not null terminate name if prefix is longer than 5 characters
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #924: btshell/cmd.c: check string sizes before copy/concat operations
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-784876662
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786571572
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786583070
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
sjanc commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r584599788
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,22 +99,26 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) >= sizeof(name)) {
+ return EINVAL;
+ }
}
- strcat(name, "addr");
+ if (strlcat(name, "addr", sizeof(name)) > sizeof(name)) {
Review comment:
>=
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r584651347
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,22 +99,26 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) >= sizeof(name)) {
+ return EINVAL;
+ }
}
- strcat(name, "addr");
+ if (strlcat(name, "addr", sizeof(name)) > sizeof(name)) {
Review comment:
fixed
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786472430
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: check string sizes before copy/concat operations
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-784876662
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] andrzej-kaczmarek commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
andrzej-kaczmarek commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583530844
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,12 +99,11 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
+ /* Valid prefixes are peer_, own_, or null. Let's copy up to 5 characters */
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ strncpy(name, prefix, 5);
Review comment:
I do not know if we won't use other prefixes in future. if you want to make it really fool-proof then better use strlcat (I think we support it) everywhere and handle errors.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583520143
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,12 +99,11 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
+ /* Valid prefixes are peer_, own_, or null. Let's copy up to 5 characters */
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ strncpy(name, prefix, 5);
Review comment:
so maybe just return error when prefix is longer than 5 and avoid copying at all? longest viable prefix is "peer_"
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: check string sizes before copy/concat operations
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786472430
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583552385
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,12 +99,11 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
+ /* Valid prefixes are peer_, own_, or null. Let's copy up to 5 characters */
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ strncpy(name, prefix, 5);
Review comment:
ok, switched to strlcat/cpy
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786583070
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786571572
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786473711
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
sjanc commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583563174
##########
File path: apps/btshell/src/cmd.c
##########
@@ -104,17 +104,23 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) > sizeof(name)) {
Review comment:
this (and others) should be >=
also, XXX in 102 is no longer needed :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski merged pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski merged pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583564633
##########
File path: apps/btshell/src/cmd.c
##########
@@ -104,17 +104,23 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) > sizeof(name)) {
Review comment:
done :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
sjanc commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r584599788
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,22 +99,26 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) >= sizeof(name)) {
+ return EINVAL;
+ }
}
- strcat(name, "addr");
+ if (strlcat(name, "addr", sizeof(name)) > sizeof(name)) {
Review comment:
>=
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-787890906
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583442831
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,7 +99,10 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
+ /* Make sure we're not copying/concatenating more than sizeof name */
+ if (sizeof(prefix)+sizeof("addr")+sizeof("_type") > sizeof(name)) {
Review comment:
fixed, let's just copy up to n valid characters, we know how many that is for the prefix (5). If prefix is wrong it'll return error later
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
sjanc commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r584599788
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,22 +99,26 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ if (strlcpy(name, prefix, sizeof(name)) >= sizeof(name)) {
+ return EINVAL;
+ }
}
- strcat(name, "addr");
+ if (strlcat(name, "addr", sizeof(name)) > sizeof(name)) {
Review comment:
should be >=
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#issuecomment-786473711
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on a change in pull request #924: btshell/cmd.c: make strcpy in parse_dev_addr memory safe
Posted by GitBox <gi...@apache.org>.
KKopyscinski commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r583520980
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,12 +99,11 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
-
+ /* Valid prefixes are peer_, own_, or null. Let's copy up to 5 characters */
if (!prefix) {
name[0] = '\0';
} else {
- strcpy(name, prefix);
+ strncpy(name, prefix, 5);
Review comment:
ENOENT for example
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [mynewt-nimble] sjanc commented on a change in pull request #924: btshell/cmd.c: check string sizes before copy/concat operations
Posted by GitBox <gi...@apache.org>.
sjanc commented on a change in pull request #924:
URL: https://github.com/apache/mynewt-nimble/pull/924#discussion_r581818538
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,7 +99,10 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
+ /* Make sure we're not copying/concatenating more than sizeof name */
+ if (sizeof(prefix)+sizeof("addr")+sizeof("_type") > sizeof(name)) {
Review comment:
???
##########
File path: apps/btshell/src/cmd.c
##########
@@ -99,7 +99,10 @@ parse_dev_addr(const char *prefix, const struct kv_pair *addr_types,
char name[32];
int rc;
- /* XXX string operations below are not quite safe, but do we care? */
+ /* Make sure we're not copying/concatenating more than sizeof name */
+ if (sizeof(prefix)+sizeof("addr")+sizeof("_type") > sizeof(name)) {
Review comment:
also I'd just use strncat, strncpy etc instead
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org