When adding values to config info, add string length checks instead of silently truncating. Increase the size of the buffer used to read from a config file so that there will be enough space for longest entries.
Signed-off-by: Stephen Hemminger <[email protected]> --- lib/cfgfile/rte_cfgfile.c | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/lib/cfgfile/rte_cfgfile.c b/lib/cfgfile/rte_cfgfile.c index 9723ec756f..74a8bf7aae 100644 --- a/lib/cfgfile/rte_cfgfile.c +++ b/lib/cfgfile/rte_cfgfile.c @@ -2,6 +2,7 @@ * Copyright(c) 2010-2014 Intel Corporation */ +#include <assert.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -106,6 +107,9 @@ static int _add_entry(struct rte_cfgfile_section *section, const char *entryname, const char *entryvalue) { + if (strlen(entryname) >= CFG_NAME_LEN || strlen(entryvalue) >= CFG_VALUE_LEN) + return -ENAMETOOLONG; + /* resize entry structure if we don't have room for more entries */ if (section->num_entries == section->allocated_entries) { struct rte_cfgfile_entry *n_entries = realloc( @@ -167,12 +171,16 @@ rte_cfgfile_load(const char *filename, int flags) &default_cfgfile_params); } +/* Need enough space for largest name and value */ +static_assert(LINE_MAX > CFG_NAME_LEN + CFG_VALUE_LEN + 4, + "not enough space for cfgfile name/value"); + RTE_EXPORT_SYMBOL(rte_cfgfile_load_with_params) struct rte_cfgfile * rte_cfgfile_load_with_params(const char *filename, int flags, const struct rte_cfgfile_parameters *params) { - char buffer[CFG_NAME_LEN + CFG_VALUE_LEN + 4]; + char buffer[LINE_MAX]; int lineno = 0; struct rte_cfgfile *cfg; @@ -219,7 +227,13 @@ rte_cfgfile_load_with_params(const char *filename, int flags, *end = '\0'; _strip(&buffer[1], end - &buffer[1]); - rte_cfgfile_add_section(cfg, &buffer[1]); + int ret = rte_cfgfile_add_section(cfg, &buffer[1]); + if (ret != 0) { + CFG_LOG(ERR, + "line %d - add section failed: %s", + lineno, strerror(-ret)); + goto error1; + } } else { /* key and value line */ char *split[2] = {NULL}; @@ -260,8 +274,13 @@ rte_cfgfile_load_with_params(const char *filename, int flags, if (cfg->num_sections == 0) goto error1; - _add_entry(&cfg->sections[cfg->num_sections - 1], - split[0], split[1]); + int ret = _add_entry(&cfg->sections[cfg->num_sections - 1], + split[0], split[1]); + if (ret != 0) { + CFG_LOG(ERR, + "line %d - add entry failed: %s", lineno, strerror(-ret)); + goto error1; + } } } fclose(f); @@ -341,6 +360,9 @@ rte_cfgfile_add_section(struct rte_cfgfile *cfg, const char *sectionname) if (sectionname == NULL) return -EINVAL; + if (strlen(sectionname) >= CFG_NAME_LEN) + return -ENAMETOOLONG; + /* resize overall struct if we don't have room for more sections */ if (cfg->num_sections == cfg->allocated_sections) { @@ -376,8 +398,6 @@ int rte_cfgfile_add_entry(struct rte_cfgfile *cfg, const char *sectionname, const char *entryname, const char *entryvalue) { - int ret; - if ((cfg == NULL) || (sectionname == NULL) || (entryname == NULL) || (entryvalue == NULL)) return -EINVAL; @@ -391,9 +411,7 @@ int rte_cfgfile_add_entry(struct rte_cfgfile *cfg, if (curr_section == NULL) return -EINVAL; - ret = _add_entry(curr_section, entryname, entryvalue); - - return ret; + return _add_entry(curr_section, entryname, entryvalue); } RTE_EXPORT_SYMBOL(rte_cfgfile_set_entry) -- 2.51.0
