Resolve "Harden C string functions"

3b5c778d · Michael Davis · 4cdd4e86 · 3b5c778d · 3b5c778d · 3b5c778d
Commit 3b5c778d authored 1 year ago by Michael Davis
--- a/mediachanger/castorrmc/common/marshall.c
+++ b/mediachanger/castorrmc/common/marshall.c
@@ -15,27 +15,24 @@
 *               submit itself to any jurisdiction.
 */

-/*
- * marshall.c - wrappers on top of marshall macros
- */
-
 #include <string.h>
 #include "marshall.h"
 #include "osdep.h"

-int
-_unmarshall_STRINGN(char **ptr,
-                        char *str,
-                        int n)
-{
-	char *p;
+int unmarshall_STRINGN(char** ptr, const char* ptr_end, char* str, int str_maxlen) {
+  if(*ptr+str_maxlen > ptr_end) {
+    str_maxlen = ptr_end-*ptr+1;
+  }

-	(void) strncpy (str, *ptr, n);
-	if ((p = memchr (str, 0, n)) != NULL) {
-		*ptr += (p - str + 1);
-		return (0);
-	}
-	*(str + n - 1) = '\0';
-	*ptr += strlen(*ptr) + 1;
-	return (-1);
+  strncpy(str, *ptr, str_maxlen);
+  int str_len = strnlen(str, str_maxlen);
+  if(str_len < str_maxlen) {
+    *ptr += str_len+1;
+    return 0;
+  } else {
+    str[str_maxlen-1] = '\0';
+    *ptr += strnlen(*ptr, ptr_end-*ptr);
+    if(**ptr == '\0') ++*ptr;
+    return -1;
+  }
 }
--- a/mediachanger/castorrmc/h/marshall.h
+++ b/mediachanger/castorrmc/h/marshall.h
@@ -142,8 +142,7 @@ typedef  char*          bitvct; /* bit vector type definition           */
 					  INC_PTR(ptr,strlen(str)+1); \
 					}

-EXTERN_C int _unmarshall_STRINGN (char **, char*, int);
-#define  unmarshall_STRINGN(ptr,str,n)  _unmarshall_STRINGN(&ptr, str, n)
+EXTERN_C int unmarshall_STRINGN(char** ptr, const char* ptr_end, char* str, int str_maxlen);

 /*
 *    H Y P E R   ( 6 4   B I T S )

--- a/mediachanger/castorrmc/h/rmc_constants.h
+++ b/mediachanger/castorrmc/h/rmc_constants.h
@@ -27,6 +27,8 @@
 #define	RMC_RETRYI	60
 #define	RMC_LOGBUFSZ 1024

+#define REQ_DATA_SIZE (RMC_REQBUFSZ-3*LONGSIZE) /* Size of buffer pointed to by rqst_context.req_data */
+
 #define RMC_PORT 5014

 #define RMC_MAXRQSTATTEMPTS 10 /* Maximum number of attempts a retriable RMC request should be issued */

--- a/mediachanger/castorrmc/rmc/rmc_procreq.c
+++ b/mediachanger/castorrmc/rmc/rmc_procreq.c
@@ -50,20 +50,21 @@ int rmc_srv_export(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_export";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "export", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
 			return ERMCUNREC;
 		}
 	}
-	if (unmarshall_STRINGN (rbp, vid, CA_MAXVIDLEN+1)) {
+	if(unmarshall_STRINGN(&rbp, req_data_end, vid, CA_MAXVIDLEN+1)) {
 		rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "vid");
 		rmc_logit (func, "returns %d\n", ERMCUNREC);
 		return ERMCUNREC;
@@ -100,20 +101,21 @@ int rmc_srv_findcart(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_findcart";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "findcart", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader fiel as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
 			return ERMCUNREC;
 		}
 	}
-	if (unmarshall_STRINGN (rbp, template, 40)) {
+	if(unmarshall_STRINGN(&rbp, req_data_end, template, 40)) {
 		rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "template");
 		rmc_logit (func, "returns %d\n", ERMCUNREC);
 		return ERMCUNREC;
@@ -175,13 +177,14 @@ int rmc_srv_getgeom(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_getgeom";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "getgeom", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
@@ -218,20 +221,21 @@ int rmc_srv_import(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_import";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "import", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
 			return ERMCUNREC;
 		}
 	}
-	if (unmarshall_STRINGN (rbp, vid, CA_MAXVIDLEN+1)) {
+	if(unmarshall_STRINGN(&rbp, req_data_end, vid, CA_MAXVIDLEN+1)) {
 		rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "vid");
 		rmc_logit (func, "returns %d\n", ERMCUNREC);
 		return ERMCUNREC;
@@ -260,20 +264,21 @@ int rmc_srv_mount(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_mount";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "mount", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
 			return ERMCUNREC;
 		}
 	}
-	if (unmarshall_STRINGN (rbp, vid, CA_MAXVIDLEN+1)) {
+	if(unmarshall_STRINGN(&rbp, req_data_end, vid, CA_MAXVIDLEN+1)) {
 		rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "vid");
 		rmc_logit (func, "returns %d\n", ERMCUNREC);
 		return ERMCUNREC;
@@ -312,13 +317,14 @@ int rmc_srv_readelem(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_readelem";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "readelem", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06,
 				"loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
@@ -388,19 +394,20 @@ int rmc_srv_unmount(const struct rmc_srv_rqst_context *const rqst_context) {
 	const char* const func = "rmc_srv_unmount";

 	rbp = rqst_context->req_data;
+	const char* req_data_end = rqst_context->req_data+REQ_DATA_SIZE;
 	unmarshall_LONG (rbp, uid);
 	unmarshall_LONG (rbp, gid);
 	rmc_logit (func, RMC92, "unmount", uid, gid, rqst_context->clienthost);
 	/* Unmarshall and ignore the loader field as it is no longer used */
 	{
 		char smc_ldr[CA_MAXRBTNAMELEN+1];
-		if (unmarshall_STRINGN (rbp, smc_ldr, CA_MAXRBTNAMELEN+1)) {
+		if(unmarshall_STRINGN(&rbp, req_data_end, smc_ldr, CA_MAXRBTNAMELEN+1)) {
 			rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "loader");
 			rmc_logit (func, "returns %d\n", ERMCUNREC);
 			return ERMCUNREC;
 		}
 	}
-	if (unmarshall_STRINGN (rbp, vid, CA_MAXVIDLEN+1)) {
+	if(unmarshall_STRINGN(&rbp, req_data_end, vid, CA_MAXVIDLEN+1)) {
 		rmc_sendrep (rqst_context->rpfd, MSG_ERR, RMC06, "vid");
 		rmc_logit (func, "returns %d\n", ERMCUNREC);
 		return ERMCUNREC;

--- a/mediachanger/castorrmc/rmc/rmc_serv.c
+++ b/mediachanger/castorrmc/rmc/rmc_serv.c
@@ -272,7 +272,7 @@ static void rmc_doit(const int rpfd)
 {
 	int c;
 	char *clienthost;
-	char req_data[RMC_REQBUFSZ-3*LONGSIZE];
+	char req_data[REQ_DATA_SIZE];
 	int req_type = 0;

 	if ((c = rmc_getreq (rpfd, &req_type, req_data, &clienthost)) == 0)