From 2707c56c27dd564fd901260bdb586fb04ae92fce Mon Sep 17 00:00:00 2001
From: Alex Kotov
Date: Wed, 2 Dec 2020 02:54:18 +0500
Subject: [PATCH] Check bounds in command line parser
---
 src/cmdline.c | 21 ++++++++++++++++++++-
 tests/test_cmdline.c | 5 ++++-
 2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/src/cmdline.c b/src/cmdline.c
index 58dbb9c..b590335 100644
--- a/src/cmdline.c
+++ b/src/cmdline.c
@@ -44,7 +44,15 @@ kernaux_bool kernaux_cmdline_parse(
 if ((cur == ' ' || cur == '\0') && prev != ' ') {
 const unsigned size = index - start + 1;
- // TODO: check size
+ if (*argc >= argv_count_max) {
+ kernaux_strncpy(error_msg, "too many args", 13);
+ goto fail;
+ }
+
+ if (size > arg_size_max) {
+ kernaux_strncpy(error_msg, "arg too long", 12);
+ goto fail;
+ }
 argv[(*argc)++] = buffer;
 kernaux_strncpy(buffer, &cmdline[start], size - 1);
@@ -61,4 +69,15 @@ kernaux_bool kernaux_cmdline_parse(
 }
 return KERNAUX_TRUE;
+
+fail:
+ *argc = 0;
+
+ for (unsigned int index = 0; index < argv_count_max; ++index) {
+ argv[index] = KERNAUX_NULL;
+ }
+
+ kernaux_memset(buffer, '\0', argv_count_max * arg_size_max);
+
+ return KERNAUX_FALSE;
 }
diff --git a/tests/test_cmdline.c b/tests/test_cmdline.c
index f169c8a..c6b1675 100644
--- a/tests/test_cmdline.c
+++ b/tests/test_cmdline.c
@@ -41,6 +41,9 @@ int main()
 test(" foo bar ", 0, 0, true, "", 2, argv_foo_bar);
 test("foo bar car", 0, 0, true, "", 3, argv_foo_bar_car);
+ test("foo bar car", 2, 0, false, "too many args", 0, argv0);
+ test("foo bar car", 0, 2, false, "arg too long", 0, argv0);
+ return 0;
 }
@@ -86,7 +89,7 @@ void test(
 assert(strcmp(argv[index], expected_argv[index]) == 0);
 }
- for (unsigned int index = argc; index < ARGV_COUNT_MAX; ++index) {
+ for (unsigned int index = argc; index < argv_count_max; ++index) {
 assert(argv[index] == KERNAUX_NULL);
 }
 }
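Review bot: The two `kernaux_strncpy(error_msg, ...)` calls pass the exact string lengths (13 and 12), so no terminating NUL is copied if kernaux_strncpy follows strncpy semantics. The message is then only a valid string if error_msg was zeroed earlier in the function, which this hunk does not show. Deriving the length from the literal removes the hand-counted constants and copies the terminator, e.g. `kernaux_strncpy(error_msg, "too many args", sizeof("too many args"));`, provided the capacity of error_msg covers it. The enclosing function starts and ends outside the hunk.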
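Review bot: The `kernaux_memset(buffer, '\0', argv_count_max * arg_size_max)` on the fail path starts at `buffer`, which the first hunk uses as the per-argument write position (`argv[(*argc)++] = buffer`). If the loop advances that pointer after each argument, as the usage suggests, the clear begins partway into the caller's storage, runs past its end by the amount already consumed, and leaves the earlier arguments in place. Keep the caller's pointer in a local taken before the loop and clear from there, `kernaux_memset(buffer_start, '\0', argv_count_max * arg_size_max);`. A comment stating that the caller must supply at least `argv_count_max * arg_size_max` bytes would also help, since nothing here can check it. The function body begins outside the hunk.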
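Review bot: Both new cases sit well inside the failing range, so an off-by-one in either comparison would go unnoticed. With `size = index - start + 1` a three-letter argument has size 4, which makes an `arg_size_max` of 4 the last accepted value and 3 the first rejected one. Adding `test("foo bar car", 3, 0, true, "", 3, argv_foo_bar_car);` and `test("foo bar car", 0, 4, true, "", 3, argv_foo_bar_car);` next to the failing cases would pin both boundaries, assuming the helper passes non-zero limits through unchanged. The `arg too long` case with a limit of 2 fails on the first argument, so only the `too many args` case reaches the fail path after arguments were already stored.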
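Review bot: Bounding this loop by `argv_count_max` means the slots between the caller's limit and `ARGV_COUNT_MAX` are never inspected, so the test cannot detect the parser storing a pointer past the limit it was given. Filling `argv` with a non-NULL sentinel before the call and asserting that the slots from `argv_count_max` up to `ARGV_COUNT_MAX` still hold it would cover that. The same idea applies to the buffer: comparing the bytes beyond `argv_count_max * arg_size_max` against a known fill pattern would expose an overlong clear on the fail path. The body of test() starts outside the hunk.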