From mboxrd@z Thu Jan 1 00:00:00 1970 From: Kay Sievers Date: Thu, 26 Feb 2004 02:22:45 +0000 Subject: [PATCH] udev - safer string handling - part three Message-Id: <20040226022245.GA27238@vrfy.org> MIME-Version: 1 Content-Type: multipart/mixed; boundary="mP3DRpeJDSE+ciuQ" List-Id: References: <20040226003100.GA27025@vrfy.org> In-Reply-To: <20040226003100.GA27025@vrfy.org> To: linux-hotplug@vger.kernel.org --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Here we truncate our input strings from the environment to our defined limit. It's a bit theroretical but better check for it. It cleans up some magic length definitions and removes the code duplication in udev, udevtest and udevsend. udevd needs to be killed after installation, cause the message size is changed with this patch. Should we do this with the 'make install', like we do with the '.udevdb'? thanks, Kay --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline; filename="06-truncate-input-strings.patch"
diff -Nru a/namedev.c b/namedev.c
--- a/namedev.c Thu Feb 26 03:09:18 2004
+++ b/namedev.c Thu Feb 26 03:09:18 2004
@@ -405,7 +405,7 @@
 int fds[2];
 pid_t pid;
 int value_set = 0;
- char buffer[256];
+ char buffer[255];
 char *pos;
 retval = pipe(fds);
diff -Nru a/udev.c b/udev.c
--- a/udev.c Thu Feb 26 03:09:18 2004
+++ b/udev.c Thu Feb 26 03:09:18 2004
@@ -43,7 +43,7 @@
 unsigned char logname[42];
 void log_message (int level, const char *format, ...)
 {
- va_list args;
+ va_list args;
 if (!udev_log)
 return;
@@ -67,30 +67,6 @@
 }
 }
-static inline char *get_action(void)
-{
- char *action;
-
- action = getenv("ACTION");
- return action;
-}
-
-static inline char *get_devpath(void)
-{
- char *devpath;
-
- devpath = getenv("DEVPATH");
- return devpath;
-}
-
-static inline char *get_seqnum(void)
-{
- char *seqnum;
-
- seqnum = getenv("SEQNUM");
- return seqnum;
-}
-
 static char *subsystem_blacklist[] = {
 "net",
 "scsi_host",
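Review bot: In the namedev.c hunk the new `char buffer[255];` is still a bare literal, although the commit message says this patch cleans up magic lengths and udev.h gains named limits in the same commit. If this buffer is meant to follow one of those limits, declaring it with the named constant keeps the two from drifting apart. The code that fills `buffer` is outside the hunk; it should bound its copy with `sizeof(buffer) - 1` rather than a repeated number, so that the change from 256 to 255 cannot leave a one-byte overrun behind.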
@@ -130,7 +106,7 @@
 }
 /* skip blacklisted subsystems */
- subsystem = argv[1];
+ subsystem = get_subsystem(argv[1]);
 if (!subsystem) {
 dbg("no subsystem?");
 goto exit;
@@ -200,5 +176,3 @@
 return udev_hotplug(argc, argv);
 }
-
-
diff -Nru a/udev.h b/udev.h
--- a/udev.h Thu Feb 26 03:09:18 2004
+++ b/udev.h Thu Feb 26 03:09:18 2004
@@ -23,6 +23,8 @@
 #ifndef UDEV_H
 #define UDEV_H
+#include
+#include
 #include
 #include
 #include
@@ -34,6 +36,10 @@
 #define GROUP_SIZE 30
 #define MODE_SIZE 8
+#define ACTION_SIZE 30
+#define DEVPATH_SIZE 255
+#define SUBSYSTEM_SIZE 30
+
 /* length of public data */
 #define UDEVICE_LEN (offsetof(struct udevice, bus_id))
@@ -78,6 +84,45 @@
 to[maxsize-1] = '\0'; \
 strncat(to, from, maxsize - strlen(to)-1); \
 } while (0)
+static inline char *get_action(void)
+{
+ char *action;
+
+ action = getenv("ACTION");
+ if (strlen(action) > ACTION_SIZE)
+ action[ACTION_SIZE-1] = '\0';
+
+ return action;
+}
+
+static inline char *get_devpath(void)
+{
+ char *devpath;
+
+ devpath = getenv("DEVPATH");
+ if (strlen(devpath) > DEVPATH_SIZE)
+ devpath[DEVPATH_SIZE-1] = '\0';
+
+ return devpath;
+}
+
+static inline char *get_seqnum(void)
+{
+ char *seqnum;
+
+ seqnum = getenv("SEQNUM");
+
+ return seqnum;
+}
+
+static inline char *get_subsystem(char *subsystem)
+{
+ if (strlen(subsystem) > SUBSYSTEM_SIZE)
+ subsystem[SUBSYSTEM_SIZE-1] = '\0';
+
+ return subsystem;
+}
 extern int udev_add_device(char *path, char *subsystem, int fake);
 extern int udev_remove_device(char *path, char *subsystem);
diff -Nru a/udevd.c b/udevd.c
--- a/udevd.c Thu Feb 26 03:09:18 2004
+++ b/udevd.c Thu Feb 26 03:09:18 2004
@@ -119,8 +119,8 @@
 static void udev_run(struct hotplug_msg *msg)
 {
 pid_t pid;
- char action[32];
- char devpath[256];
+ char action[ACTION_SIZE];
+ char devpath[DEVPATH_SIZE];
 char *env[] = { action, devpath, NULL };
 snprintf(action, sizeof(action), "ACTION=%s", msg->action);
diff -Nru a/udevd.h b/udevd.h
--- a/udevd.h Thu Feb 26 03:09:18 2004
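Review bot: In udev.c the `if (!subsystem)` test now runs only after `get_subsystem(argv[1])` has already called `strlen()` on its argument, so a missing argument (argv[1] is NULL when the program is started without one) crashes instead of reaching `dbg("no subsystem?")`. The same ordering appears in the udevsend.c hunk, and `get_action()` and `get_devpath()` in udev.h call `strlen()` on the result of `getenv()`, which is NULL when the variable is unset. Each helper should return early before measuring, e.g. `if (subsystem == NULL) return NULL;` as the first statement of `get_subsystem()` and the equivalent check after each `getenv()`. The enclosing function in udev.c starts and ends outside the hunk.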
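Review bot: The length tests in the new udev.h helpers use `>` where `>=` is needed: a value of exactly `ACTION_SIZE` characters passes `strlen(action) > ACTION_SIZE` untruncated, yet it needs `ACTION_SIZE + 1` bytes and would not fit the `char action[ACTION_SIZE]` field this patch introduces in udevd.h. The same applies to `get_devpath()` and `get_subsystem()`; the comparison should read `if (strlen(action) >= ACTION_SIZE)`. The helpers also write the terminator into the string returned by `getenv()`, which the C standard says a program must not modify, and a silently shortened DEVPATH may name a different device than the one reported, so rejecting an over-long value is safer than truncating it. A comment above the helpers such as `/* values are limited to the *_SIZE fields of struct hotplug_msg */` would record where the limits come from.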
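Review bot: In `udev_run()` the two local buffers now have the same size as the message fields they are built from, so `snprintf(action, sizeof(action), "ACTION=%s", msg->action)` has no room for the `ACTION=` prefix and silently cuts any value longer than 22 characters; the `devpath` buffer presumably has the same problem with its own prefix in the part of the function outside the hunk. The old sizes (32 and 256 against fields of 8 and 128) left that room, so the truncation is new with this patch. Size each buffer for prefix plus field, e.g. `char action[sizeof("ACTION=") + ACTION_SIZE];`, and check the `snprintf()` return value so that a shortened path is not passed on through `env`.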
+++ b/udevd.h Thu Feb 26 03:09:18 2004
@@ -35,7 +35,7 @@
 pid_t pid;
 int seqnum;
 time_t queue_time;
- char action[8];
- char devpath[128];
- char subsystem[16];
+ char action[ACTION_SIZE];
+ char devpath[DEVPATH_SIZE];
+ char subsystem[SUBSYSTEM_SIZE];
 };
diff -Nru a/udevsend.c b/udevsend.c
--- a/udevsend.c Thu Feb 26 03:09:18 2004
+++ b/udevsend.c Thu Feb 26 03:09:18 2004
@@ -52,30 +52,6 @@
 }
 #endif
-static inline char *get_action(void)
-{
- char *action;
-
- action = getenv("ACTION");
- return action;
-}
-
-static inline char *get_devpath(void)
-{
- char *devpath;
-
- devpath = getenv("DEVPATH");
- return devpath;
-}
-
-static inline char *get_seqnum(void)
-{
- char *seqnum;
-
- seqnum = getenv("SEQNUM");
- return seqnum;
-}
-
 static int build_hotplugmsg(struct hotplug_msg *msg, char *action, char *devpath, char *subsystem, int seqnum)
 {
@@ -144,7 +120,7 @@
 #endif
 dbg("version %s", UDEV_VERSION);
- subsystem = argv[1];
+ subsystem = get_subsystem(argv[1]);
 if (subsystem == NULL) {
 dbg("no subsystem");
 goto exit;
diff -Nru a/udevtest.c b/udevtest.c
--- a/udevtest.c Thu Feb 26 03:09:18 2004
+++ b/udevtest.c Thu Feb 26 03:09:18 2004
@@ -66,30 +66,6 @@
 }
 }
-static inline char *get_action(void)
-{
- char *action;
-
- action = getenv("ACTION");
- return action;
-}
-
-static inline char *get_devpath(void)
-{
- char *devpath;
-
- devpath = getenv("DEVPATH");
- return devpath;
-}
-
-static inline char *get_seqnum(void)
-{
- char *seqnum;
-
- seqnum = getenv("SEQNUM");
- return seqnum;
-}
-
 static char *subsystem_blacklist[] = {
 "net",
 "scsi_host",
--mP3DRpeJDSE+ciuQ-- ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net Linux-hotplug-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel