From: Alon Levy <alevy@redhat.com>
To: Christophe Fergeau <cfergeau@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 1/2] libcacard: fix soft=... parsing in vcard_emul_options
Date: Fri, 24 Jun 2011 18:51:51 +0200 [thread overview]
Message-ID: <20110624165151.GA2731@bow.redhat.com> (raw)
In-Reply-To: <1308926260-11995-1-git-send-email-cfergeau@redhat.com>
On Fri, Jun 24, 2011 at 04:37:39PM +0200, Christophe Fergeau wrote:
> The previous parser had copy and paste errors when computing
> vname_length and type_params_length, "name" was used instead
> of respectively vname and type_params. This led to length that could
> be bigger than the input string, and to access out of the array
> bounds when trying to copy these strings. valgrind rightfully
> complained about this. It also didn't handle empty fields correctly,
> and there were some args = strip(args++); which also didn't do what
> was expected.
Aren't there token parsing functions in libc that can be used if we
want to fix the repetitiveness?
>
> Since the token parsing is always the same, I factored all the
> repetitive code in a NEXT_TOKEN macro.
>
> Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
> ---
> libcacard/vcard_emul_nss.c | 90 +++++++++++++++++++-------------------------
> 1 files changed, 39 insertions(+), 51 deletions(-)
>
> diff --git a/libcacard/vcard_emul_nss.c b/libcacard/vcard_emul_nss.c
> index f3db657..2a20bd6 100644
> --- a/libcacard/vcard_emul_nss.c
> +++ b/libcacard/vcard_emul_nss.c
> @@ -975,13 +975,31 @@ find_blank(const char *str)
> static VCardEmulOptions options;
> #define READER_STEP 4
>
> +/* Expects "args" to be at the beginning of a token (ie right after the ','
> + * ending the previous token), and puts the next token start in "token",
> + * and its length in "token_length". "token" will not be nul-terminated.
> + * After calling the macro, "args" will be advanced to the beginning of
> + * the next token.
> + * This macro may call continue or break.
> + */
> +#define NEXT_TOKEN(token) \
> + (token) = args; \
> + args = strpbrk(args, ",)"); \
> + if (*args == 0) { \
> + break; \
> + } \
> + if (*args == ')') { \
> + args++; \
> + continue; \
> + } \
> + (token##_length) = args - (token); \
> + args = strip(args+1);
> +
> VCardEmulOptions *
> vcard_emul_options(const char *args)
> {
> int reader_count = 0;
> VCardEmulOptions *opts;
> - char type_str[100];
> - int type_len;
>
> /* Allow the future use of allocating the options structure on the fly */
> memcpy(&options, &default_options, sizeof(options));
> @@ -996,63 +1014,32 @@ vcard_emul_options(const char *args)
> * cert_2,cert_3...) */
> if (strncmp(args, "soft=", 5) == 0) {
> const char *name;
> + size_t name_length;
> const char *vname;
> + size_t vname_length;
> const char *type_params;
> + size_t type_params_length;
> + char type_str[100];
> VCardEmulType type;
> - int name_length, vname_length, type_params_length, count, i;
> + int count, i;
> VirtualReaderOptions *vreaderOpt = NULL;
>
> args = strip(args + 5);
> if (*args != '(') {
> continue;
> }
> - name = args;
> - args = strpbrk(args + 1, ",)");
> - if (*args == 0) {
> - break;
> - }
> - if (*args == ')') {
> - args++;
> - continue;
> - }
> - args = strip(args+1);
> - name_length = args - name - 2;
> - vname = args;
> - args = strpbrk(args + 1, ",)");
> - if (*args == 0) {
> - break;
> - }
> - if (*args == ')') {
> - args++;
> - continue;
> - }
> - vname_length = args - name - 2;
> args = strip(args+1);
> - type_len = strpbrk(args, ",)") - args;
> - assert(sizeof(type_str) > type_len);
> - strncpy(type_str, args, type_len);
> - type_str[type_len] = 0;
> +
> + NEXT_TOKEN(name)
> + NEXT_TOKEN(vname)
> + NEXT_TOKEN(type_params)
> + type_params_length = MIN(type_params_length, sizeof(type_str)-1);
> + strncpy(type_str, type_params, type_params_length);
> + type_str[type_params_length] = 0;
> type = vcard_emul_type_from_string(type_str);
> - args = strpbrk(args, ",)");
> - if (*args == 0) {
> - break;
> - }
> - if (*args == ')') {
> - args++;
> - continue;
> - }
> - args = strip(args++);
> - type_params = args;
> - args = strpbrk(args + 1, ",)");
> - if (*args == 0) {
> - break;
> - }
> - if (*args == ')') {
> - args++;
> - continue;
> - }
> - type_params_length = args - name;
> - args = strip(args++);
> +
> + NEXT_TOKEN(type_params)
> +
> if (*args == 0) {
> break;
> }
> @@ -1072,13 +1059,14 @@ vcard_emul_options(const char *args)
> vreaderOpt->card_type = type;
> vreaderOpt->type_params =
> copy_string(type_params, type_params_length);
> - count = count_tokens(args, ',', ')');
> + count = count_tokens(args, ',', ')') + 1;
> vreaderOpt->cert_count = count;
> vreaderOpt->cert_name = (char **)qemu_malloc(count*sizeof(char *));
> for (i = 0; i < count; i++) {
> - const char *cert = args + 1;
> - args = strpbrk(args + 1, ",)");
> + const char *cert = args;
> + args = strpbrk(args, ",)");
> vreaderOpt->cert_name[i] = copy_string(cert, args - cert);
> + args = strip(args+1);
> }
> if (*args == ')') {
> args++;
> --
> 1.7.5.4
>
>
next prev parent reply other threads:[~2011-06-24 16:52 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-24 14:37 [Qemu-devel] [PATCH 1/2] libcacard: fix soft=... parsing in vcard_emul_options Christophe Fergeau
2011-06-24 14:37 ` [Qemu-devel] [PATCH 2/2] libcacard: replace copy_string with strndup Christophe Fergeau
2011-06-24 14:52 ` Alon Levy
2011-06-24 16:51 ` Alon Levy [this message]
2011-06-27 12:13 ` [Qemu-devel] [PATCH 1/2] libcacard: fix soft=... parsing in vcard_emul_options Christophe Fergeau
2011-06-27 15:27 ` [Qemu-devel] [PATCHv2 0/4] libcacard fixes Christophe Fergeau
2011-06-27 15:27 ` [Qemu-devel] [PATCHv2 1/4] libcacard: s/strip(args++)/strip(args+1) Christophe Fergeau
2011-06-27 15:27 ` [Qemu-devel] [PATCHv2 2/4] libcacard: fix soft=... parsing in vcard_emul_options Christophe Fergeau
2011-06-27 15:27 ` [Qemu-devel] [PATCHv2 3/4] libcacard: introduce NEXT_TOKEN macro Christophe Fergeau
2011-06-27 15:27 ` [Qemu-devel] [PATCHv2 4/4] libcacard: replace copy_string with strndup Christophe Fergeau
2011-06-27 19:57 ` [Qemu-devel] [PATCHv2 0/4] libcacard fixes Alon Levy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110624165151.GA2731@bow.redhat.com \
--to=alevy@redhat.com \
--cc=cfergeau@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).