tests: use sanitize_clamp to qualify all command line input

Now we have a way to share functions, share one more. https://cwe.mitre.org/data/definitions/190.html warns on atoi, so use the sanitize_clamp to ensure that things look OK before using them. Signed-off-by: Robin Getz <[email protected]>
analogdevicesinc · Apr 19, 2020 · 503fa9b · 503fa9b
1 parent 329352a
commit 503fa9b
Show file tree

Hide file tree

Showing 7 changed files with 48 additions and 44 deletions.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
@@ -40,7 +40,7 @@ target_link_libraries(iio_genxml  iio)
 target_link_libraries(iio_info    iio iio_tests_helper)
 target_link_libraries(iio_attr    iio iio_tests_helper)
 target_link_libraries(iio_readdev iio iio_tests_helper)
-target_link_libraries(iio_reg     iio)
+target_link_libraries(iio_reg     iio iio_tests_helper)
 target_link_libraries(iio_writedev iio iio_tests_helper)
 
 set(IIO_TESTS_TARGETS iio_genxml iio_info iio_attr iio_readdev iio_reg iio_writedev)
@@ -51,7 +51,7 @@ if(PTHREAD_LIBRARIES)
 	add_executable(iio_adi_xflow_check iio_adi_xflow_check.c)
 	add_executable(iio_stresstest iio_stresstest.c)
 	target_link_libraries(iio_adi_xflow_check iio iio_tests_helper ${PTHREAD_LIBRARIES})
-	target_link_libraries(iio_stresstest iio ${PTHREAD_LIBRARIES})
+	target_link_libraries(iio_stresstest iio iio_tests_helper ${PTHREAD_LIBRARIES})
 	set(IIO_TESTS_TARGETS ${IIO_TESTS_TARGETS} iio_adi_xflow_check iio_stresstest)
 
 	target_link_libraries(iio_readdev  ${PTHREAD_LIBRARIES})

diff --git a/tests/iio_common.c b/tests/iio_common.c
@@ -21,10 +21,18 @@
 
 #include <iio.h>
 #include <stdio.h>
+#include <inttypes.h>
 
 #include "iio_common.h"
 #include "gen_code.h"
 
+#ifdef _MSC_BUILD
+#define inline __inline
+#define iio_snprintf sprintf_s
+#else
+#define iio_snprintf snprintf
+#endif
+
 void * xmalloc(size_t n, const char * name)
 {
 	void *p = malloc(n);
@@ -95,3 +103,28 @@ struct iio_context * autodetect_context(bool rtn, bool gen_code, const char * na
 	return ctx;
 }
 
+unsigned long int sanitize_clamp(const char *name, const char *argv,
+	uint64_t min, uint64_t max)
+{
+	unsigned long int val;
+	char buf[20];
+
+	if (!argv) {
+		val = 0;
+	} else {
+		/* sanitized buffer by taking first 20 (or less) char */
+		iio_snprintf(buf, sizeof(buf), "%s", argv);
+		val = strtoul(buf, NULL, 10);
+	}
+
+	if (val > max) {
+		val = max;
+		fprintf(stderr, "Clamped %s to max %" PRIu64 "\n", name, max);
+	}
+	if (val < min) {
+		val = min;
+		fprintf(stderr, "Clamped %s to min %" PRIu64 "\n", name, min);
+	}
+	return val;
+}
+
diff --git a/tests/iio_common.h b/tests/iio_common.h
@@ -40,5 +40,7 @@ enum backend {
 void * xmalloc(size_t n, const char *name);
 
 struct iio_context * autodetect_context(bool rtn, bool gen_code, const char *name);
+unsigned long int sanitize_clamp(const char *name, const char *argv,
+	uint64_t min, uint64_t max);
 
 #endif /* IIO_TESTS_COMMON_H */
diff --git a/tests/iio_readdev.c b/tests/iio_readdev.c
@@ -238,13 +238,13 @@ int main(int argc, char **argv)
 			trigger_name = optarg;
 			break;
 		case 'b':
-			buffer_size = atoi(optarg);
+			buffer_size = sanitize_clamp("buffer size", optarg, 64, 4 * 1024 * 1024);
 			break;
 		case 's':
-			num_samples = atoi(optarg);
+			num_samples = sanitize_clamp("number of samples", optarg, 0, SIZE_MAX);
 			break;
 		case 'T':
-			timeout = atoi(optarg);
+			timeout = sanitize_clamp("timeout", optarg, 0, INT_MAX);
 			break;
 		case '?':
 			return EXIT_FAILURE;

diff --git a/tests/iio_reg.c b/tests/iio_reg.c
@@ -24,7 +24,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-static int write_reg(const char *name, unsigned long addr, unsigned long val)
+#include "iio_common.h"
+
+static int write_reg(const char *name, uint32_t addr, uint32_t val)
 {
 	struct iio_device *dev;
 	struct iio_context *ctx;
@@ -103,12 +105,12 @@ int main(int argc, char **argv)
 		return 0;
 	}
 
-	addr = strtoul(argv[2], NULL, 0);
+	addr = sanitize_clamp("register address", argv[2], 0, UINT32_MAX);
 
 	if (argc == 3) {
 		return read_reg(argv[1], addr);
 	} else {
-		unsigned long val = strtoul(argv[3], NULL, 0);
+		uint32_t val = sanitize_clamp("register value", argv[3], 0, UINT32_MAX);
 		return write_reg(argv[1], addr, val);
 	}
 }
diff --git a/tests/iio_stresstest.c b/tests/iio_stresstest.c
@@ -37,13 +37,6 @@
 #define SAMPLES_PER_READ 256
 #define NUM_TIMESTAMPS (16*1024)
 
-#ifdef _MSC_BUILD
-#define inline __inline
-#define iio_snprintf sprintf_s
-#else
-#define iio_snprintf snprintf
-#endif
-
 static int getNumCores(void) {
 #ifdef _WIN32
 	SYSTEM_INFO sysinfo;
@@ -393,32 +386,6 @@ static void *client_thread(void *data)
 	return (void *)EXIT_FAILURE;
 }
 
-static unsigned long int sanitize_clamp(const char *name, const char *argv,
-		unsigned long int min, unsigned long int max)
-{
-
-	unsigned long int val;
-	char buf[20];
-
-	if (!argv) {
-		val = 0;
-	} else {
-		/* sanitized buffer by taking first 20 (or less) char */
-		iio_snprintf(buf, sizeof(buf), "%s", argv);
-		val = strtoul(buf, NULL, 10);
-	}
-
-	if (val > max) {
-		val = max;
-		fprintf(stderr, "Clamped %s to max %lu\n", name, max);
-	}
-	if (val < min) {
-		val = min;
-		fprintf(stderr, "Clamped %s to min %lu\n", name, min);
-	}
-	return val;
-}
-
 int main(int argc, char **argv)
 {
 	sigset_t set, oldset;

diff --git a/tests/iio_writedev.c b/tests/iio_writedev.c
@@ -248,13 +248,13 @@ int main(int argc, char **argv)
 			trigger_name = optarg;
 			break;
 		case 'b':
-			buffer_size = atoi(optarg);
+			buffer_size = sanitize_clamp("buffer size", optarg, 64, 4 * 1024 * 1024);
 			break;
 		case 's':
-			num_samples = atoi(optarg);
+			num_samples = sanitize_clamp("number of samples", optarg, 0, SIZE_MAX);
 			break;
 		case 'T':
-			timeout = atoi(optarg);
+			timeout = sanitize_clamp("timeout", optarg, 0, INT_MAX);
 			break;
 		case 'c':
 			cyclic_buffer = true;