From 503fa9bf9cc863295ab1842ac320c9d0985e009f Mon Sep 17 00:00:00 2001 From: Robin Getz Date: Sun, 19 Apr 2020 11:50:57 -0400 Subject: [PATCH] tests: use sanitize_clamp to qualify all command line input Now we have a way to share functions, share one more. https://cwe.mitre.org/data/definitions/190.html warns on atoi, so use the sanitize_clamp to ensure that things look OK before using them. Signed-off-by: Robin Getz --- tests/CMakeLists.txt | 4 ++-- tests/iio_common.c | 33 +++++++++++++++++++++++++++++++++ tests/iio_common.h | 2 ++ tests/iio_readdev.c | 6 +++--- tests/iio_reg.c | 8 +++++--- tests/iio_stresstest.c | 33 --------------------------------- tests/iio_writedev.c | 6 +++--- 7 files changed, 48 insertions(+), 44 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index c273f9bf4..6ebc64a9f 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -40,7 +40,7 @@ target_link_libraries(iio_genxml iio) target_link_libraries(iio_info iio iio_tests_helper) target_link_libraries(iio_attr iio iio_tests_helper) target_link_libraries(iio_readdev iio iio_tests_helper) -target_link_libraries(iio_reg iio) +target_link_libraries(iio_reg iio iio_tests_helper) target_link_libraries(iio_writedev iio iio_tests_helper) set(IIO_TESTS_TARGETS iio_genxml iio_info iio_attr iio_readdev iio_reg iio_writedev) @@ -51,7 +51,7 @@ if(PTHREAD_LIBRARIES) add_executable(iio_adi_xflow_check iio_adi_xflow_check.c) add_executable(iio_stresstest iio_stresstest.c) target_link_libraries(iio_adi_xflow_check iio iio_tests_helper ${PTHREAD_LIBRARIES}) - target_link_libraries(iio_stresstest iio ${PTHREAD_LIBRARIES}) + target_link_libraries(iio_stresstest iio iio_tests_helper ${PTHREAD_LIBRARIES}) set(IIO_TESTS_TARGETS ${IIO_TESTS_TARGETS} iio_adi_xflow_check iio_stresstest) target_link_libraries(iio_readdev ${PTHREAD_LIBRARIES}) diff --git a/tests/iio_common.c b/tests/iio_common.c index b8f097ec0..1db1956d6 100644 --- a/tests/iio_common.c +++ b/tests/iio_common.c @@ -21,10 +21,18 @@ #include #include +#include #include "iio_common.h" #include "gen_code.h" +#ifdef _MSC_BUILD +#define inline __inline +#define iio_snprintf sprintf_s +#else +#define iio_snprintf snprintf +#endif + void * xmalloc(size_t n, const char * name) { void *p = malloc(n); @@ -95,3 +103,28 @@ struct iio_context * autodetect_context(bool rtn, bool gen_code, const char * na return ctx; } +unsigned long int sanitize_clamp(const char *name, const char *argv, + uint64_t min, uint64_t max) +{ + unsigned long int val; + char buf[20]; + + if (!argv) { + val = 0; + } else { + /* sanitized buffer by taking first 20 (or less) char */ + iio_snprintf(buf, sizeof(buf), "%s", argv); + val = strtoul(buf, NULL, 10); + } + + if (val > max) { + val = max; + fprintf(stderr, "Clamped %s to max %" PRIu64 "\n", name, max); + } + if (val < min) { + val = min; + fprintf(stderr, "Clamped %s to min %" PRIu64 "\n", name, min); + } + return val; +} + diff --git a/tests/iio_common.h b/tests/iio_common.h index df3b3b27a..8f03bdaab 100644 --- a/tests/iio_common.h +++ b/tests/iio_common.h @@ -40,5 +40,7 @@ enum backend { void * xmalloc(size_t n, const char *name); struct iio_context * autodetect_context(bool rtn, bool gen_code, const char *name); +unsigned long int sanitize_clamp(const char *name, const char *argv, + uint64_t min, uint64_t max); #endif /* IIO_TESTS_COMMON_H */ diff --git a/tests/iio_readdev.c b/tests/iio_readdev.c index d4256b00d..c8fdb52f4 100644 --- a/tests/iio_readdev.c +++ b/tests/iio_readdev.c @@ -238,13 +238,13 @@ int main(int argc, char **argv) trigger_name = optarg; break; case 'b': - buffer_size = atoi(optarg); + buffer_size = sanitize_clamp("buffer size", optarg, 64, 4 * 1024 * 1024); break; case 's': - num_samples = atoi(optarg); + num_samples = sanitize_clamp("number of samples", optarg, 0, SIZE_MAX); break; case 'T': - timeout = atoi(optarg); + timeout = sanitize_clamp("timeout", optarg, 0, INT_MAX); break; case '?': return EXIT_FAILURE; diff --git a/tests/iio_reg.c b/tests/iio_reg.c index 2f6d88cf9..538705913 100644 --- a/tests/iio_reg.c +++ b/tests/iio_reg.c @@ -24,7 +24,9 @@ #include #include -static int write_reg(const char *name, unsigned long addr, unsigned long val) +#include "iio_common.h" + +static int write_reg(const char *name, uint32_t addr, uint32_t val) { struct iio_device *dev; struct iio_context *ctx; @@ -103,12 +105,12 @@ int main(int argc, char **argv) return 0; } - addr = strtoul(argv[2], NULL, 0); + addr = sanitize_clamp("register address", argv[2], 0, UINT32_MAX); if (argc == 3) { return read_reg(argv[1], addr); } else { - unsigned long val = strtoul(argv[3], NULL, 0); + uint32_t val = sanitize_clamp("register value", argv[3], 0, UINT32_MAX); return write_reg(argv[1], addr, val); } } diff --git a/tests/iio_stresstest.c b/tests/iio_stresstest.c index e28b16c38..190c8b726 100644 --- a/tests/iio_stresstest.c +++ b/tests/iio_stresstest.c @@ -37,13 +37,6 @@ #define SAMPLES_PER_READ 256 #define NUM_TIMESTAMPS (16*1024) -#ifdef _MSC_BUILD -#define inline __inline -#define iio_snprintf sprintf_s -#else -#define iio_snprintf snprintf -#endif - static int getNumCores(void) { #ifdef _WIN32 SYSTEM_INFO sysinfo; @@ -393,32 +386,6 @@ static void *client_thread(void *data) return (void *)EXIT_FAILURE; } -static unsigned long int sanitize_clamp(const char *name, const char *argv, - unsigned long int min, unsigned long int max) -{ - - unsigned long int val; - char buf[20]; - - if (!argv) { - val = 0; - } else { - /* sanitized buffer by taking first 20 (or less) char */ - iio_snprintf(buf, sizeof(buf), "%s", argv); - val = strtoul(buf, NULL, 10); - } - - if (val > max) { - val = max; - fprintf(stderr, "Clamped %s to max %lu\n", name, max); - } - if (val < min) { - val = min; - fprintf(stderr, "Clamped %s to min %lu\n", name, min); - } - return val; -} - int main(int argc, char **argv) { sigset_t set, oldset; diff --git a/tests/iio_writedev.c b/tests/iio_writedev.c index 85319fba6..c3e85f122 100644 --- a/tests/iio_writedev.c +++ b/tests/iio_writedev.c @@ -248,13 +248,13 @@ int main(int argc, char **argv) trigger_name = optarg; break; case 'b': - buffer_size = atoi(optarg); + buffer_size = sanitize_clamp("buffer size", optarg, 64, 4 * 1024 * 1024); break; case 's': - num_samples = atoi(optarg); + num_samples = sanitize_clamp("number of samples", optarg, 0, SIZE_MAX); break; case 'T': - timeout = atoi(optarg); + timeout = sanitize_clamp("timeout", optarg, 0, INT_MAX); break; case 'c': cyclic_buffer = true;