diff options
| author | Bui Nguyen Quoc Thanh <thanh.buinguyenquoc@vn.bosch.com> | 2021-05-10 14:02:41 +0700 |
|---|---|---|
| committer | Bui Nguyen Quoc Thanh <thanh.buinguyenquoc@vn.bosch.com> | 2021-05-10 14:02:41 +0700 |
| commit | ad8a6ab070803f2b0e0fa177fd6638c10db2dde3 (patch) | |
| tree | c193ae5c2b919f89415a815b78ab54a7661a2619 | |
| parent | b95044abb202838837b0566efc40ae26308a4bb4 (diff) | |
| download | DLT-daemon-ad8a6ab070803f2b0e0fa177fd6638c10db2dde3.tar.gz | |
daemon: check the conf inputs
The configuration of memory buffer size must be carefully
parsed and validated to avoid segmentation fault
Any misleading information in configuration file must be
considered as major error and dlt-daemon should stop
and raise error message to stderr
This commit also corrects error handling of
dlt_buffer_init_dynamic().
Signed-off-by: Bui Nguyen Quoc Thanh <thanh.buinguyenquoc@vn.bosch.com>
| -rw-r--r-- | src/daemon/dlt-daemon.c | 40 | ||||
| -rw-r--r-- | src/daemon/dlt_daemon_common.c | 6 | ||||
| -rw-r--r-- | src/shared/dlt_common.c | 8 |
3 files changed, 47 insertions, 7 deletions
diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c index d26de79..912cd2c 100644 --- a/src/daemon/dlt-daemon.c +++ b/src/daemon/dlt-daemon.c @@ -89,6 +89,10 @@ static int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, char *str, int verbose); +static int dlt_daemon_check_numeric_setting(char *token, + char *value, + unsigned long *data); + #ifdef DLT_SYSTEMD_WATCHDOG_ENABLE static uint32_t watchdog_trigger_interval; /* watchdog trigger interval in [s] */ #endif @@ -98,6 +102,9 @@ int g_exit = 0; int g_signo = 0; +/* used for value from conf file */ +static int value_length = 1024; + static char dlt_timer_conn_types[DLT_TIMER_UNKNOWN + 1] = { [DLT_TIMER_PACKET] = DLT_CONNECTION_ONE_S_TIMER, [DLT_TIMER_ECU] = DLT_CONNECTION_SIXTY_S_TIMER, @@ -318,7 +325,6 @@ int option_handling(DltDaemonLocal *daemon_local, int argc, char *argv[]) int option_file_parser(DltDaemonLocal *daemon_local) { FILE *pFile; - int value_length = 1024; char line[value_length - 1]; char token[value_length]; char value[value_length]; @@ -531,19 +537,27 @@ int option_file_parser(DltDaemonLocal *daemon_local) } else if (strcmp(token, "RingbufferMinSize") == 0) { - sscanf(value, "%lu", &(daemon_local->RingbufferMinSize)); + if (dlt_daemon_check_numeric_setting(token, + value, &(daemon_local->RingbufferMinSize)) < 0) + return -1; } else if (strcmp(token, "RingbufferMaxSize") == 0) { - sscanf(value, "%lu", &(daemon_local->RingbufferMaxSize)); + if (dlt_daemon_check_numeric_setting(token, + value, &(daemon_local->RingbufferMaxSize)) < 0) + return -1; } else if (strcmp(token, "RingbufferStepSize") == 0) { - sscanf(value, "%lu", &(daemon_local->RingbufferStepSize)); + if (dlt_daemon_check_numeric_setting(token, + value, &(daemon_local->RingbufferStepSize)) < 0) + return -1; } else if (strcmp(token, "DaemonFIFOSize") == 0) { - sscanf(value, "%lu", &(daemon_local->daemonFifoSize)); + if (dlt_daemon_check_numeric_setting(token, + value, &(daemon_local->daemonFifoSize)) < 0) + return -1; } else if (strcmp(token, "SharedMemorySize") == 0) { @@ -1909,6 +1923,22 @@ int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, cha return 0; } +int dlt_daemon_check_numeric_setting(char *token, + char *value, + unsigned long *data) +{ + char value_check[value_length]; + value_check[0] = 0; + sscanf(value, "%lu%s", data, value_check); + if (value_check[0] || !isdigit(value[0])) { + fprintf(stderr, "Invalid input [%s] detected in option %s\n", + value, + token); + return -1; + } + return 0; +} + int dlt_daemon_process_client_connect(DltDaemon *daemon, DltDaemonLocal *daemon_local, DltReceiver *receiver, diff --git a/src/daemon/dlt_daemon_common.c b/src/daemon/dlt_daemon_common.c index 5273433..e56b751 100644 --- a/src/daemon/dlt_daemon_common.c +++ b/src/daemon/dlt_daemon_common.c @@ -236,8 +236,10 @@ int dlt_daemon_init(DltDaemon *daemon, dlt_vlog(LOG_INFO, "Ringbuffer configuration: %lu/%lu/%lu\n", RingbufferMinSize, RingbufferMaxSize, RingbufferStepSize); - if (dlt_buffer_init_dynamic(&(daemon->client_ringbuffer), (uint32_t) RingbufferMinSize, (uint32_t) RingbufferMaxSize, - (uint32_t) RingbufferStepSize) == DLT_RETURN_ERROR) + if (dlt_buffer_init_dynamic(&(daemon->client_ringbuffer), + (uint32_t) RingbufferMinSize, + (uint32_t) RingbufferMaxSize, + (uint32_t) RingbufferStepSize) < DLT_RETURN_OK) return -1; daemon->storage_handle = NULL; diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c index 9fe6c88..507c8ad 100644 --- a/src/shared/dlt_common.c +++ b/src/shared/dlt_common.c @@ -2350,6 +2350,14 @@ DltReturnValue dlt_buffer_init_dynamic(DltBuffer *buf, uint32_t min_size, uint32 head->write = 0; head->count = 0; buf->mem = (unsigned char *)(buf->shm + sizeof(DltBufferHead)); + + if (buf->min_size < (uint32_t)sizeof(DltBufferHead)) { + dlt_vlog(LOG_ERR, + "%s: min_size is too small [%u]\n", + __func__, buf->min_size); + return DLT_RETURN_WRONG_PARAMETER; + } + buf->size = (uint32_t) (buf->min_size - sizeof(DltBufferHead)); dlt_vlog(LOG_DEBUG, |