From patchwork Tue Jan 28 17:27:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230452 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=Wmv0IHSX; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YVD6vqtz9sNT for ; Wed, 29 Jan 2020 04:28:04 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Lk40rXnDZGgc/1RehXEP0HqNjqMX7zDqdsQliNyOtTU=; b=Wmv0IHSX+BvoKK ack5uCbApO9MCbtRv1nuJpA3rA8e4+cv1xg+fMd+bOSk9pUIeoMuh03e2oNM8yjhIw1qnJSsDMSIH HySd6rkTLqY0AEdW84Unz0SDGdG7QFj++GqlAd5xeWf19aTrhkjZKDb3qyFRhSITq7eJfFWDTm21a 24zsEe44HhOchftss2etiDQ+B1IwRMgv5lJm5hp8cPWxL6teUPT9cSy/rsTlTF33bqreJbBZCAzxR yAAk64YsosXMdIYRxxScV4bWyr9VG0m7D/JayODOp2JyTTE8TzFB8GfzTnFelZkMNBjoNYwjbSnhd L0/kWz2KGjE3NBPI9cww==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeS-0000ux-1Z; Tue, 28 Jan 2020 17:27:48 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeC-0000iU-PQ for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:34 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id C0C5C181522E8; Tue, 28 Jan 2020 18:27:29 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id QPOVBHiT77DD; Tue, 28 Jan 2020 18:27:28 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id wMM1xQd7laqf; Tue, 28 Jan 2020 18:27:26 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 1/8] mtd-utils: Fix printf format specifies with the wrong type Date: Tue, 28 Jan 2020 18:27:08 +0100 Message-Id: <20200128172715.19545-2-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092733_128603_E79C2A86 X-CRM114-Status: GOOD ( 11.72 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: David Oberhollenzer --- misc-utils/flashcp.c | 8 ++++---- tests/ubi-tests/io_paral.c | 4 ++-- tests/ubi-tests/io_read.c | 2 +- tests/ubi-tests/io_update.c | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/misc-utils/flashcp.c b/misc-utils/flashcp.c index b6ad2f9..1270422 100644 --- a/misc-utils/flashcp.c +++ b/misc-utils/flashcp.c @@ -337,12 +337,12 @@ int main (int argc,char *argv[]) if (result < 0) { log_printf (LOG_ERROR, - "While writing data to 0x%.8x-0x%.8x on %s: %m\n", + "While writing data to 0x%.8lx-0x%.8lx on %s: %m\n", written,written + i,device); exit (EXIT_FAILURE); } log_printf (LOG_ERROR, - "Short write count returned while writing to x%.8x-0x%.8x on %s: %d/%llu bytes written to flash\n", + "Short write count returned while writing to x%.8lx-0x%.8lx on %s: %lu/%llu bytes written to flash\n", written,written + i,device,written + result,(unsigned long long)filestat.st_size); exit (EXIT_FAILURE); } @@ -372,7 +372,7 @@ int main (int argc,char *argv[]) if (size < BUFSIZE) i = size; if (flags & FLAG_VERBOSE) log_printf (LOG_NORMAL, - "\rVerifying data: %dk/%lluk (%llu%%)", + "\rVerifying data: %luk/%lluk (%llu%%)", KB (written + i), KB ((unsigned long long)filestat.st_size), PERCENTAGE (written + i,(unsigned long long)filestat.st_size)); @@ -387,7 +387,7 @@ int main (int argc,char *argv[]) if (memcmp (src,dest,i)) { log_printf (LOG_ERROR, - "File does not seem to match flash data. First mismatch at 0x%.8x-0x%.8x\n", + "File does not seem to match flash data. First mismatch at 0x%.8lx-0x%.8lx\n", written,written + i); exit (EXIT_FAILURE); } diff --git a/tests/ubi-tests/io_paral.c b/tests/ubi-tests/io_paral.c index 4040b3e..b0884fe 100644 --- a/tests/ubi-tests/io_paral.c +++ b/tests/ubi-tests/io_paral.c @@ -207,7 +207,7 @@ static void *write_thread(void *ptr) ret = pwrite(fd, wbuf, dev_info.leb_size, offs); if (ret != dev_info.leb_size) { failed("pwrite"); - errorm("cannot write %d bytes to offs %lld, wrote %d", + errorm("cannot write %d bytes to offs %ld, wrote %d", dev_info.leb_size, offs, ret); break; } @@ -216,7 +216,7 @@ static void *write_thread(void *ptr) ret = pread(fd, rbuf, dev_info.leb_size, offs); if (ret != dev_info.leb_size) { failed("read"); - errorm("failed to read %d bytes at offset %d " + errorm("failed to read %d bytes at offset %ld " "of volume %d", dev_info.leb_size, offs, vol_id); break; diff --git a/tests/ubi-tests/io_read.c b/tests/ubi-tests/io_read.c index f944a86..a6cc8f5 100644 --- a/tests/ubi-tests/io_read.c +++ b/tests/ubi-tests/io_read.c @@ -233,7 +233,7 @@ static int test_read2(const struct ubi_vol_info *vol_info, int len) continue; if (test_read3(vol_info, len, offsets[i])) { - errorm("offset = %d", offsets[i]); + errorm("offset = %ld", offsets[i]); return -1; } } diff --git a/tests/ubi-tests/io_update.c b/tests/ubi-tests/io_update.c index f48df1d..d093da5 100644 --- a/tests/ubi-tests/io_update.c +++ b/tests/ubi-tests/io_update.c @@ -189,11 +189,11 @@ static int test_update1(struct ubi_vol_info *vol_info, int leb_change) ret = read(fd, buf1, test_len); if (ret < 0) { failed("read"); - errorm("failed to read %d bytes", test_len); + errorm("failed to read %lld bytes", test_len); goto close; } if (ret != test_len) { - errorm("failed to read %d bytes, read %d", test_len, ret); + errorm("failed to read %lld bytes, read %d", test_len, ret); goto close; } if (memcmp(buf, buf1, test_len)) { From patchwork Tue Jan 28 17:27:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230455 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=n7/rQ+ID; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YW7124tz9sNF for ; Wed, 29 Jan 2020 04:28:51 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=5Co5OWhv4gQYyLWPLXPFU65BTOdDd6/qvwGrafNuW70=; b=n7/rQ+ID0IGQRC UFp97Yb09sMN3NlfzvSCk5zwgaJy0zD/Vgnghl05blOu2b7+JAs8rJ4lwTiFN/YxkhKdw35WXb2kW xG7SmidlQUR61ISYNrtbkFHqzXmTCWxfPODe/fHGQZiaYAFzsWyc0x49MkCrvYiaNQ+/pJfETe7Ro aqkNH1Q8WUytAW/2ahrgFJjNTKxN+caob+sG8d8l7oDvsfd05Q5WGn+drDUYoAmBkcXU/JQkapH7G w4pcH+gt5mRmD3SNWV2c8kElXbjXy0JLO+OBZZjbLTiq80eawhdfChzkmMnl3RIa5Rbj2bIKaDdKE lSA/p9yKTwV14Ia9GZuQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUfE-0001nZ-To; Tue, 28 Jan 2020 17:28:36 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeD-0000iW-AH for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:35 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id 542B81815230D; Tue, 28 Jan 2020 18:27:30 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id Rno1Xkt29Iff; Tue, 28 Jan 2020 18:27:28 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id iO8tQmZ8aKCF; Tue, 28 Jan 2020 18:27:28 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 2/8] mtd-utils: Fix potential negative arguments passed to close(2) Date: Tue, 28 Jan 2020 18:27:09 +0100 Message-Id: <20200128172715.19545-3-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092733_497971_B76D8CA5 X-CRM114-Status: GOOD ( 12.19 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Many tools open a file descriptor, close it a the end and have some form of error path in between that jumps to the end. In some cases, if opening the file fails the error path is taken and the utility ends up closing one or more invalid file descriptors. It's technically not a real issue but something that pretty much any static analysis tool barks at. Signed-off-by: David Oberhollenzer --- nand-utils/nanddump.c | 3 ++- nand-utils/nandwrite.c | 3 ++- nor-utils/rfddump.c | 2 +- tests/fs-tests/stress/atoms/fwrite00.c | 4 +++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/nand-utils/nanddump.c b/nand-utils/nanddump.c index 841ed67..62699e0 100644 --- a/nand-utils/nanddump.c +++ b/nand-utils/nanddump.c @@ -549,7 +549,8 @@ int main(int argc, char * const argv[]) closeall: close(fd); - close(ofd); + if (ofd > 0 && ofd != STDOUT_FILENO) + close(ofd); free(oobbuf); free(readbuf); exit(EXIT_FAILURE); diff --git a/nand-utils/nandwrite.c b/nand-utils/nandwrite.c index 8f21593..e8a210c 100644 --- a/nand-utils/nandwrite.c +++ b/nand-utils/nandwrite.c @@ -605,7 +605,8 @@ int main(int argc, char * const argv[]) failed = false; closeall: - close(ifd); + if (ifd > 0 && ifd != STDIN_FILENO) + close(ifd); libmtd_close(mtd_desc); free(filebuf); close(fd); diff --git a/nor-utils/rfddump.c b/nor-utils/rfddump.c index 4ad2f91..01ab4c2 100644 --- a/nor-utils/rfddump.c +++ b/nor-utils/rfddump.c @@ -324,7 +324,7 @@ int main(int argc, char *argv[]) return 0; err: - if (out_fd) + if (out_fd > 0) close(out_fd); close(fd); diff --git a/tests/fs-tests/stress/atoms/fwrite00.c b/tests/fs-tests/stress/atoms/fwrite00.c index 3406bba..877c63c 100644 --- a/tests/fs-tests/stress/atoms/fwrite00.c +++ b/tests/fs-tests/stress/atoms/fwrite00.c @@ -138,7 +138,9 @@ static void filestress00(void) deleted = 1; } } - CHECK(close(fd) != -1); + if (fd > 0) { + CHECK(close(fd) != -1); + } /* Sleep */ if (tests_sleep_parameter > 0) { unsigned us = tests_sleep_parameter * 1000; From patchwork Tue Jan 28 17:27:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230454 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=rKhjhM91; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YVn5jV4z9sNT for ; Wed, 29 Jan 2020 04:28:33 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=sLFLzi/RPprL6ZgADRyszpt1MSii6WVASdOp9c6u8pI=; b=rKhjhM91hvZSXa fpeqijlIHcqzd18cMRmY8JUtMtc7W93swOjTgCyah3ReRxbVBmSD75XwUSPbgifvOTOcyFT6eH+aA ytQ+QvKimfiJTQWrR8kbPWwjFdit/yFdXFJdvh9FyQqfswIfHuHFuCdN+BEPiW++r69R3L9LodPmV p7ArLKgvKAbuCQzTT/ab9cyJO28/cREnkpPhyO7al5iGAYdeUIVDdpa05CInxnd0dk7n6sAmUvyja r2IKIva/HG9a9KVpezSLvTUy4dcyDFuPPMtZX5MbN+sJh4zQs+gFbmy+dT+nIXsiKAq6Abtilxluw GJPHFYHdpRmjnUVm4JFg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUex-0001Wx-Tr; Tue, 28 Jan 2020 17:28:19 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeD-0000iY-G7 for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:35 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id D6E2318126667; Tue, 28 Jan 2020 18:27:30 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id BTI5aYZsdMH7; Tue, 28 Jan 2020 18:27:28 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id uJxJBxM-Fxbb; Tue, 28 Jan 2020 18:27:28 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 3/8] mtd-utils: Fix various TOCTOU issues Date: Tue, 28 Jan 2020 18:27:10 +0100 Message-Id: <20200128172715.19545-4-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092733_819052_8CD4F0FD X-CRM114-Status: GOOD ( 11.57 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This patch restructures various code parts that follow the pattern of "stat(x, &sb) ... makes_sense(&sb) ... open(x)". Signed-off-by: David Oberhollenzer --- jffsX-utils/mkfs.jffs2.c | 4 +--- lib/libmtd_legacy.c | 31 ++++++++++++++++++++----------- misc-utils/ftl_check.c | 14 ++++++++------ misc-utils/ftl_format.c | 14 ++++++++------ 4 files changed, 37 insertions(+), 26 deletions(-) diff --git a/jffsX-utils/mkfs.jffs2.c b/jffsX-utils/mkfs.jffs2.c index f46cc22..9cc5eaf 100644 --- a/jffsX-utils/mkfs.jffs2.c +++ b/jffsX-utils/mkfs.jffs2.c @@ -1772,9 +1772,7 @@ int main(int argc, char **argv) } out_fd = 1; } - if (lstat(rootdir, &sb)) { - sys_errmsg_die("%s", rootdir); - } + if (chdir(rootdir)) sys_errmsg_die("%s", rootdir); diff --git a/lib/libmtd_legacy.c b/lib/libmtd_legacy.c index 2b7f65f..4eb4a70 100644 --- a/lib/libmtd_legacy.c +++ b/lib/libmtd_legacy.c @@ -221,18 +221,21 @@ int legacy_get_mtd_oobavail(const char *node) struct nand_ecclayout_user usrlay; int fd, ret; - if (stat(node, &st)) + fd = open(node, O_RDONLY); + if (fd == -1) return sys_errmsg("cannot open \"%s\"", node); + if (fstat(fd, &st)) { + ret = sys_errmsg("cannot open \"%s\"", node); + goto out_close; + } + if (!S_ISCHR(st.st_mode)) { errno = EINVAL; - return errmsg("\"%s\" is not a character device", node); + ret = errmsg("\"%s\" is not a character device", node); + goto out_close; } - fd = open(node, O_RDONLY); - if (fd == -1) - return sys_errmsg("cannot open \"%s\"", node); - ret = ioctl(fd, ECCGETLAYOUT, &usrlay); if (ret < 0) { if (errno == EOPNOTSUPP) @@ -273,15 +276,24 @@ int legacy_get_dev_info(const char *node, struct mtd_dev_info *mtd) loff_t offs = 0; struct proc_parse_info pi; - if (stat(node, &st)) { + fd = open(node, O_RDONLY); + if (fd == -1) { sys_errmsg("cannot open \"%s\"", node); if (errno == ENOENT) normsg("MTD subsystem is old and does not support " "sysfs, so MTD character device nodes have " "to exist"); + return -1; + } + + if (fstat(fd, &st)) { + sys_errmsg("cannot stat \"%s\"", node); + close(fd); + return -1; } if (!S_ISCHR(st.st_mode)) { + close(fd); errno = EINVAL; return errmsg("\"%s\" is not a character device", node); } @@ -291,6 +303,7 @@ int legacy_get_dev_info(const char *node, struct mtd_dev_info *mtd) mtd->minor = minor(st.st_rdev); if (mtd->major != MTD_DEV_MAJOR) { + close(fd); errno = EINVAL; return errmsg("\"%s\" has major number %d, MTD devices have " "major %d", node, mtd->major, MTD_DEV_MAJOR); @@ -298,10 +311,6 @@ int legacy_get_dev_info(const char *node, struct mtd_dev_info *mtd) mtd->mtd_num = mtd->minor / 2; - fd = open(node, O_RDONLY); - if (fd == -1) - return sys_errmsg("cannot open \"%s\"", node); - if (ioctl(fd, MEMGETINFO, &ui)) { sys_errmsg("MEMGETINFO ioctl request failed"); goto out_close; diff --git a/misc-utils/ftl_check.c b/misc-utils/ftl_check.c index 5a04155..5b2dae5 100644 --- a/misc-utils/ftl_check.c +++ b/misc-utils/ftl_check.c @@ -206,18 +206,20 @@ int main(int argc, char *argv[]) exit(errflg > 0 ? 0 : EXIT_FAILURE); } - if (stat(argv[optind], &buf) != 0) { + fd = open(argv[optind], O_RDONLY); + if (fd == -1) { + perror("open failed"); + exit(EXIT_FAILURE); + } + if (fstat(fd, &buf) != 0) { perror("status check failed"); + close(fd); exit(EXIT_FAILURE); } if (!(buf.st_mode & S_IFCHR)) { fprintf(stderr, "%s is not a character special device\n", argv[optind]); - exit(EXIT_FAILURE); - } - fd = open(argv[optind], O_RDONLY); - if (fd == -1) { - perror("open failed"); + close(fd); exit(EXIT_FAILURE); } diff --git a/misc-utils/ftl_format.c b/misc-utils/ftl_format.c index bf3c8f2..34d436c 100644 --- a/misc-utils/ftl_format.c +++ b/misc-utils/ftl_format.c @@ -312,18 +312,20 @@ int main(int argc, char *argv[]) exit(errflg > 0 ? EXIT_SUCCESS : EXIT_FAILURE); } - if (stat(argv[optind], &buf) != 0) { + fd = open(argv[optind], O_RDWR); + if (fd == -1) { + perror("open failed"); + exit(EXIT_FAILURE); + } + if (fstat(fd, &buf) != 0) { perror("status check failed"); + close(fd); exit(EXIT_FAILURE); } if (!(buf.st_mode & S_IFCHR)) { fprintf(stderr, "%s is not a character special device\n", argv[optind]); - exit(EXIT_FAILURE); - } - fd = open(argv[optind], O_RDWR); - if (fd == -1) { - perror("open failed"); + close(fd); exit(EXIT_FAILURE); } From patchwork Tue Jan 28 17:27:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230458 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=h6sAkQ5Y; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YX12tX9z9sNT for ; Wed, 29 Jan 2020 04:29:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=xsdt7Qn4U2weGbXkjTKawu3vaEuMO+doJxqmue4OTe8=; b=h6sAkQ5YD/FX1t BIMUWmeD3ZNAOkN5hmWKX5u4wOH0UlRi6biHyYoFngDXgJRpxuPBUfPuri2EPyHnaGw+T0eC47p4v sVnBPbKaYoGrLLKOockp+/4kb7CgXvThQHW9ZIXOBTQLKi+CsKMRPB3pjUf/6Js+BUzQJVa6kAYzs 8FUh1RDhkMpKkXsRGUAtBBdg8fbhygOM4Ntqu9LyhYpiC+dOUCLKZbyQwL6K7FpXdOh0s1PVY+iUg M/dDd5oPs52wvaJ46xPiMtkWS0m6j1aNit1X9q7Wf3X6ANlHnna0xeyMef4fI7Z9ArmbE91t2viaE rq/6xYHPVMvJa0TlhPag==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUfz-0002bD-R2; Tue, 28 Jan 2020 17:29:23 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeF-0000jt-Ka for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:37 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id D78DD180C83A5; Tue, 28 Jan 2020 18:27:31 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id AevZVpZrrZNl; Tue, 28 Jan 2020 18:27:28 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id fP5VDK-wRuIy; Tue, 28 Jan 2020 18:27:28 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 4/8] mtd-utils: Fix some simple cases of uninitialized value reads Date: Tue, 28 Jan 2020 18:27:11 +0100 Message-Id: <20200128172715.19545-5-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092735_851053_2EC7B681 X-CRM114-Status: GOOD ( 11.43 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This patch modifies the internal helpers to read and parse integers from sysfs files by initializing them first and removes turns an obscure "a = open(...) if (a >= 0) {...} if (a == -1) {...}" inside recv_image into a more straight forward if/else branch. Signed-off-by: David Oberhollenzer --- lib/libmtd.c | 2 ++ lib/libubi.c | 1 + misc-utils/recv_image.c | 3 +-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/libmtd.c b/lib/libmtd.c index 564e5c0..9d8d0e8 100644 --- a/lib/libmtd.c +++ b/lib/libmtd.c @@ -217,6 +217,7 @@ static int read_hex_ll(const char *file, long long *value) } buf[rd] = '\0'; + *value = 0; if (sscanf(buf, "%llx\n", value) != 1) { errmsg("cannot read integer from \"%s\"\n", file); errno = EINVAL; @@ -269,6 +270,7 @@ static int read_pos_ll(const char *file, long long *value) goto out_error; } + *value = 0; if (sscanf(buf, "%lld\n", value) != 1) { errmsg("cannot read integer from \"%s\"\n", file); errno = EINVAL; diff --git a/lib/libubi.c b/lib/libubi.c index 4322a19..aaeeb38 100644 --- a/lib/libubi.c +++ b/lib/libubi.c @@ -94,6 +94,7 @@ static int read_positive_ll(const char *file, long long *value) } buf[rd] = '\0'; + *value = 0; if (sscanf(buf, "%lld\n", value) != 1) { errmsg("cannot read integer from \"%s\"\n", file); errno = EINVAL; diff --git a/misc-utils/recv_image.c b/misc-utils/recv_image.c index 7f6662b..eeaa2e2 100644 --- a/misc-utils/recv_image.c +++ b/misc-utils/recv_image.c @@ -81,8 +81,7 @@ int main(int argc, char **argv) printf("Receive to MTD device %s with erasesize %d\n", argv[3], meminfo.erasesize); } - } - if (flfd == -1) { + } else { /* Try again, as if it's a file */ flfd = open(argv[3], O_CREAT|O_TRUNC|O_RDWR, 0644); if (flfd < 0) { From patchwork Tue Jan 28 17:27:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230453 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=eUYS96Ip; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YVT4Rjhz9sNF for ; Wed, 29 Jan 2020 04:28:17 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=8mjk7hUp3RlUi2BEyK2+aen6R/4xdwfzEkk8PwbAIlU=; b=eUYS96Ip2WJ2L4 OKAq2kmvPbnkG6Ha08yFaNeov4cmCquyk04ZSRYeYDXKmY+DGCSfl5oLE7iqbx66rBjFOIXrILAKM qIJYKfZRePS98OiSnIEH+ciYN9Zr1d4xSnjR1jic2lRq1GDYBEogZ7M5s2YKbPLRew6VN5SwaSBvM Edz+fZ1zulIVwMY4Gldb0BZX7ABsUDb4CXehgy2qLKABAwzBpNaRzEt13t0uko8zm8ubC2C0qu0EN X8Bdqn7JU0L/OdU/X9iF0CUSjv2gyUF7GyNuW4iQwttleujXSx1UfuzcT4f+GXQ3199QDjWnVsIoT 1JyM11FS/ZgJIDCBxlfw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeh-0001G2-Ds; Tue, 28 Jan 2020 17:28:03 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeD-0000iX-BC for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:35 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id 668DB18128212; Tue, 28 Jan 2020 18:27:30 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id W8RfKt_Qz_g7; Tue, 28 Jan 2020 18:27:29 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id d3fCJrHMpqwm; Tue, 28 Jan 2020 18:27:28 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 5/8] mtd-utils: Fix wrong argument to sizeof in nanddump Date: Tue, 28 Jan 2020 18:27:12 +0100 Message-Id: <20200128172715.19545-6-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092733_535234_D1AE3E21 X-CRM114-Status: UNSURE ( 9.05 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Some temporary buffers are allocated with "sizeof(pointer) * count" as size argument, which cannot possibly be correct. Assuming what was meant was "sizeof(pointer[0]) * count" makes sense in the context of how the buffers are used, but is actually pretty pointless, since the buffers are unsigend char. Signed-off-by: David Oberhollenzer --- nand-utils/nanddump.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nand-utils/nanddump.c b/nand-utils/nanddump.c index 62699e0..d7fc320 100644 --- a/nand-utils/nanddump.c +++ b/nand-utils/nanddump.c @@ -362,8 +362,8 @@ int main(int argc, char * const argv[]) return errmsg("mtd_get_dev_info failed"); /* Allocate buffers */ - oobbuf = xmalloc(sizeof(oobbuf) * mtd.oob_size); - readbuf = xmalloc(sizeof(readbuf) * mtd.min_io_size); + oobbuf = xmalloc(mtd.oob_size); + readbuf = xmalloc(mtd.min_io_size); if (noecc) { if (ioctl(fd, MTDFILEMODE, MTD_FILE_MODE_RAW) != 0) { From patchwork Tue Jan 28 17:27:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230457 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=KXA/YmrF; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YWg5sp4z9sNF for ; Wed, 29 Jan 2020 04:29:19 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=b9xXjvKi+nWQTWYSKPHopw+CweXqBhsWIqoRd6DLUMU=; b=KXA/YmrFHQb0L2 RXxPb62csbJXfmg66DA7jhrGkbwaBU8+ow4uTUilRlidJfDElxdia3YQtWcuPm7KUpBrWWW1zvS+T wNj/KOqZ6kQGwjvfjOpGfyY3fkxxGQHJ5LfuxRBJFSClLVekHPVOgn1LTvGnaC/qJbPCokNKCfB/h nkw8y73jyY1c0CsoXb8JXrlAKFF1yzg/84GFDq+CJ3qwIWrLKoNQdFHC3NyNAItGMurKErOMaKqa/ C/0BB1PD1xP5puTLILJgK0IRHj/o92M2T56/0f372WlOJuys1i4u/nP1GWxZttkUSaRgkia2VBVtQ pgTxr1Sd+w3XA9Ln597A==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUfi-0002MO-Ur; Tue, 28 Jan 2020 17:29:06 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeF-0000jk-9h for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:37 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id 83B05180FD034; Tue, 28 Jan 2020 18:27:31 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id 1asrUk_j3rqJ; Tue, 28 Jan 2020 18:27:29 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 8JcpTVAl4QVY; Tue, 28 Jan 2020 18:27:29 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 6/8] mtd-utils: Fix "are we really at EOF" test logic in libubi read_data Date: Tue, 28 Jan 2020 18:27:13 +0100 Message-Id: <20200128172715.19545-7-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092735_483321_0C6CF093 X-CRM114-Status: GOOD ( 13.11 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org The function reads file data into a buffer and then checks if we actually are at the end-of-file by trying to read one more byte. For whatever reason, the code uses an int instead of a char. It's not pretty but works. But again, this is something that every static analysis tool barks at. Further more, the error messages are inverted. "We aren't at EOF yet" is printed on failure and something like "read error %m" is printed on success. This patch fixes all of the above. Signed-off-by: David Oberhollenzer --- lib/libubi.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/libubi.c b/lib/libubi.c index aaeeb38..afe3648 100644 --- a/lib/libubi.c +++ b/lib/libubi.c @@ -156,7 +156,8 @@ static int read_positive_int(const char *file, int *value) */ static int read_data(const char *file, void *buf, int buf_len) { - int fd, rd, tmp, tmp1; + int fd, rd, tmp1; + char tmp; fd = open(file, O_RDONLY); if (fd == -1) @@ -178,11 +179,11 @@ static int read_data(const char *file, void *buf, int buf_len) /* Make sure all data is read */ tmp1 = read(fd, &tmp, 1); - if (tmp1 == 1) { + if (tmp1 < 0) { sys_errmsg("cannot read \"%s\"", file); goto out_error; } - if (tmp1) { + if (tmp1 > 0) { errmsg("file \"%s\" contains too much data (> %d bytes)", file, buf_len); errno = EINVAL; From patchwork Tue Jan 28 17:27:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230459 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=k/VRDxa+; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YXL4dSbz9sNF for ; Wed, 29 Jan 2020 04:29:54 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=HTttLIAnVDZdY+fJjJ77mao/L5VOXXjuGh5rZOCIWd8=; b=k/VRDxa+7fyN1i /gPwE8Ke7B3LjK4UUwDEp27yScDWSzhRlGjCUM9Wqv4IkbJcxJgUlsw4VCYkUuk0gU5f3eeVdqOcc T3GazTph0IMPYzhjseywcIeucTDU+FP9cC4IK/sQ6Y2TOaCwmA3MtIRWG8IfWd6XsqVRbsiAL/dQW 1ghEQnQVnd9CTSSoWNzvqXVmL6ZoGorJ4TPIA6PqHr39zkDllWqlek3M4XZfasW9oDm5ZylEOYDvO 50wuA+CZlw1l4a1lbb1fh4OrJlWuKjifVx/0f5mNuisnTJUHDmSrRrpoIWcakkndL1j1mhoInUK6Y oVlfoFZr7KLAzQa5x3sQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUgF-0002v5-QS; Tue, 28 Jan 2020 17:29:39 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeF-0000ju-LZ for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:37 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id 3785818026540; Tue, 28 Jan 2020 18:27:32 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id Supdisy_45R8; Tue, 28 Jan 2020 18:27:30 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id B-5KNuyUfBbx; Tue, 28 Jan 2020 18:27:29 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 7/8] mtd-utils: Fix potentially unterminated strings Date: Tue, 28 Jan 2020 18:27:14 +0100 Message-Id: <20200128172715.19545-8-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092735_895417_B9BB04FA X-CRM114-Status: GOOD ( 11.72 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This commit fixes some uses of strncpy that could leave the destination buffer unterminated. Signed-off-by: David Oberhollenzer --- lib/libubi.c | 3 ++- misc-utils/mtdpart.c | 4 +++- tests/checkfs/checkfs.c | 3 ++- tests/jittertest/JitterTest.c | 3 ++- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/lib/libubi.c b/lib/libubi.c index afe3648..baaca2f 100644 --- a/lib/libubi.c +++ b/lib/libubi.c @@ -1008,7 +1008,8 @@ int ubi_mkvol(libubi_t desc, const char *node, struct ubi_mkvol_request *req) if (n > UBI_MAX_VOLUME_NAME) return -1; - strncpy(r.name, req->name, UBI_MAX_VOLUME_NAME + 1); + strncpy(r.name, req->name, UBI_MAX_VOLUME_NAME); + r.name[UBI_MAX_VOLUME_NAME] = '\0'; r.name_len = n; fd = open(node, O_RDONLY); diff --git a/misc-utils/mtdpart.c b/misc-utils/mtdpart.c index e480e1b..ba35d87 100644 --- a/misc-utils/mtdpart.c +++ b/misc-utils/mtdpart.c @@ -174,7 +174,9 @@ int main(int argc, char * const argv[]) case COMMAND_ADD: part.start = start_addr; part.length = length; - strncpy(part.devname, part_name, sizeof(part.devname)); + strncpy(part.devname, part_name, + sizeof(part.devname) - 1); + part.devname[sizeof(part.devname) - 1] = '\0'; arg.op = BLKPG_ADD_PARTITION; break; case COMMAND_DEL: diff --git a/tests/checkfs/checkfs.c b/tests/checkfs/checkfs.c index 3e34cc4..203ad5c 100644 --- a/tests/checkfs/checkfs.c +++ b/tests/checkfs/checkfs.c @@ -512,7 +512,8 @@ static void processCmdLine(int argc, char **argv) { if(strcmp(argv[cnt], CMDLINE_PORT) == 0) { - strncpy(SerialDevice, argv[++cnt], sizeof(SerialDevice)); + strncpy(SerialDevice, argv[++cnt], sizeof(SerialDevice) - 1); + SerialDevice[sizeof(SerialDevice) - 1] = '\0'; continue; }else if(strcmp(argv[cnt], CMDLINE_MAXFILEBYTES) == 0) diff --git a/tests/jittertest/JitterTest.c b/tests/jittertest/JitterTest.c index 797035b..2bee0b0 100644 --- a/tests/jittertest/JitterTest.c +++ b/tests/jittertest/JitterTest.c @@ -859,7 +859,8 @@ void HandleCmdLineArgs( /* Set the file to log console log on. */ ++argNum; - strncpy(LogFile, argv[argNum], sizeof(LogFile)); + strncpy(LogFile, argv[argNum], sizeof(LogFile) - 1); + LogFile[sizeof(LogFile) - 1] = '\0'; } else if ((strcmp(argv[argNum],"--grab_kprofile") == From patchwork Tue Jan 28 17:27:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Oberhollenzer X-Patchwork-Id: 1230456 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sigma-star.at Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=ttt9H6cZ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 486YWN6pQdz9sNF for ; Wed, 29 Jan 2020 04:29:04 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=TVkX9JVFlSfQjWIXphxw25HlPD9agkao3tNB6BwRK58=; b=ttt9H6cZHZvH7l P8LIytT6XPvLefVymdnStxtMbbyuIsiBTU0fKp7fxW/c6awyHXWFj9DL8IS1XEk7pZclRc6EHC9NQ y8Pu8O6vol1ALjr8TBohkle64LmhmG/zELXaSm27zTJsbZz3m5L2azeVTfRHJeOVMOx3e2+sCm0qP /TZB7EYsMJAkHyx8AScyx7jqtJJ0JQ/46ZaVoQoYjjCcaaB9CBAdQPsUgFZ3UJ6aCaIRoUPcnP0FY vffP21QfQA5T6ToPYxOsKzayBkVYAK1ZceqTsOrNy1v+0eJGDGqlM99PlRCNexHN1HVlvKWM2yfJ9 d4fAjd4W6vzWOc5MA0lg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUfS-00024F-Lu; Tue, 28 Jan 2020 17:28:50 +0000 Received: from lilium.sigma-star.at ([109.75.188.150]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iwUeF-0000jj-9a for linux-mtd@lists.infradead.org; Tue, 28 Jan 2020 17:27:37 +0000 Received: from localhost (localhost [127.0.0.1]) by lilium.sigma-star.at (Postfix) with ESMTP id 350B4180FEE22; Tue, 28 Jan 2020 18:27:31 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id tKKLvazI8X7V; Tue, 28 Jan 2020 18:27:30 +0100 (CET) Received: from lilium.sigma-star.at ([127.0.0.1]) by localhost (lilium.sigma-star.at [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 61Em79L4WzW8; Tue, 28 Jan 2020 18:27:30 +0100 (CET) From: David Oberhollenzer To: linux-mtd@lists.infradead.org Subject: [PATCH 8/8] mtd-utils: Add checks to code that copies strings into fixed sized buffers Date: Tue, 28 Jan 2020 18:27:15 +0100 Message-Id: <20200128172715.19545-9-david.oberhollenzer@sigma-star.at> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> References: <20200128172715.19545-1-david.oberhollenzer@sigma-star.at> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200128_092735_483449_38C6E351 X-CRM114-Status: GOOD ( 10.80 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 T_SPF_PERMERROR SPF: test of record failed (permerror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux MTD discussion mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: richard@nod.at, David Oberhollenzer Sender: "linux-mtd" Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: David Oberhollenzer --- jffsX-utils/jffs2dump.c | 3 ++- ubi-utils/ubirename.c | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/jffsX-utils/jffs2dump.c b/jffsX-utils/jffs2dump.c index ad7a9e3..d30b59f 100644 --- a/jffsX-utils/jffs2dump.c +++ b/jffsX-utils/jffs2dump.c @@ -149,7 +149,8 @@ static void process_options (int argc, char *argv[]) break; case 'e': convertendian = 1; - strcpy (cnvfile, optarg); + strncpy (cnvfile, optarg, sizeof(cnvfile) - 1); + cnvfile[sizeof(cnvfile) - 1] = '\0'; break; case 'r': recalccrc = 1; diff --git a/ubi-utils/ubirename.c b/ubi-utils/ubirename.c index f88ef82..97bf030 100644 --- a/ubi-utils/ubirename.c +++ b/ubi-utils/ubirename.c @@ -126,6 +126,13 @@ int main(int argc, char * const argv[]) rnvol.ents[count].vol_id = err; rnvol.ents[count].name_len = strlen(argv[i + 1]); + + if (rnvol.ents[count].name_len >= + sizeof(rnvol.ents[count].name)) { + errmsg("\"%s\" volume name too long", argv[i + 1]); + goto out_libubi; + } + strcpy(rnvol.ents[count++].name, argv[i + 1]); }