From patchwork Thu Dec 19 21:58:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213723 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="d7u96W3h"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Pn0pJhz9sPL for ; Fri, 20 Dec 2019 08:59:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=rS06k/qV/VcQE+KNPnZ8p9jh40COxHQhnd+SPPg2KSU=; b=d7u96W3hrnaxUW pubu59ia8JR/cDZWQZ1KkmFl7F/WukYINrNmZfu4BQLbgpyyNSOqilzso+JuYeZyBFFVjfNZ2nnws TvL7cmdPWmw4eiuSZf21tD3rrURK06bTfIaohap+eZQl9V1sIlK07qVo0JqRUc+idF6srhNkNJp4U AFY37ibA45N6GYSgHuXkTD51BmiHrpa9lomXkENVma8Wkm9OoeyLmADTFAxLqvbNT6BCx4EaYEpd2 DRoagxPvnOczJ1BPag/OlxI2byNmguUffatIyKjgNzrKd50RfnFW3QlVmTcDb4VPrtvoAHX24Io6O j7D8XvEt3l/nbLTPMx8Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3pL-0001S8-3f; Thu, 19 Dec 2019 21:59:23 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3om-0000qt-KF for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:51 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 44CFD4B42; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 18802f00; Thu, 19 Dec 2019 22:58:32 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:17 +0100 Message-Id: <20191219215836.21773-2-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135848_835094_0C642CD1 X-CRM114-Status: UNSURE ( 5.92 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 01/20] cmake: use extra compiler warnings only on gcc6+ X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org gcc version 4.8.4 (Ubuntu 14.04) and -Wextra produces following: json_script.c:124:3: error: missing initializer for field 'name' of 'struct blobmsg_policy' [-Werror=missing-field-initializers] Reported-by: Jonas Gorski Signed-off-by: Petr Štetiar --- CMakeLists.txt | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b80d551c112f..da7d03c7fc21 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,12 @@ INCLUDE(CheckLibraryExists) INCLUDE(CheckFunctionExists) PROJECT(ubox C) -ADD_DEFINITIONS(-Os -Wextra -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) + +ADD_DEFINITIONS(-Wall -Werror) +IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6) + ADD_DEFINITIONS(-Wextra) +ENDIF() +ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) OPTION(BUILD_LUA "build Lua plugin" ON) OPTION(BUILD_EXAMPLES "build examples" ON) From patchwork Thu Dec 19 21:58:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213724 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="TGycDuIP"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Q96JFWz9sPL for ; Fri, 20 Dec 2019 08:59:45 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=0zz1bZZgq2a6Q8o0Xva7diz4xNdfp9XPwOqhuCXwCvY=; b=TGycDuIPf46wFB 0NKY0BtLefRNTKTxRD8IotlPeQi6IYIMWjhRmIrQh6WFHH/DuA4X1pauIGC8WLLzqRpHth8VcI1Sp abZxlh5UC76QYqgdNUsuit2L9YnE0N+OUlh1FJccBzQ3UIcl8tFKjT+l/gI4CZuQyUvcEypWrC224 lRa5pJecrqkCjUwBulO0CaGiNmVOxquUnZRfr3ypWzxuF5F5L5AVlQJ2VHd/uSmlDRpLvuoyF5Srg 6R68o5d53Mlk58YGwfcjKeVUD1PqYZBE7IoX4QqY1PDE0pytPEXQTQaI/ZnvLM5rObxrTXpnD9OFS s45V7QYo4DQxKAwGQzPw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3pZ-0001lZ-9i; Thu, 19 Dec 2019 21:59:37 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3om-0000r0-KH for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:51 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 766F04B43; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id abf7970f; Thu, 19 Dec 2019 22:58:32 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:18 +0100 Message-Id: <20191219215836.21773-3-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135848_831623_29A8BE34 X-CRM114-Status: UNSURE ( 6.83 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 02/20] blobmsg/ulog: fix format string compiler warnings X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Fixes following compiler warnings: blobmsg.c:242:39: error: format string is not a string literal [-Werror,-Wformat-nonliteral] blobmsg.c:248:23: error: format string is not a string literal [-Werror,-Wformat-nonliteral] ulog.c:100:18: error: format string is not a string literal [-Werror,-Wformat-nonliteral] ulog.c:112:16: error: format string is not a string literal [-Werror,-Wformat-nonliteral] ulog.c:117:20: error: format string is not a string literal [-Werror,-Wformat-nonliteral] Signed-off-by: Petr Štetiar --- blobmsg.c | 8 ++++---- ulog.c | 3 +++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/blobmsg.c b/blobmsg.c index a860483bfa7e..97e0c20575ff 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -230,8 +230,8 @@ blobmsg_open_nested(struct blob_buf *buf, const char *name, bool array) return (void *)offset; } -int -blobmsg_vprintf(struct blob_buf *buf, const char *name, const char *format, va_list arg) +__attribute__((format(printf, 3, 0))) +int blobmsg_vprintf(struct blob_buf *buf, const char *name, const char *format, va_list arg) { va_list arg2; char cbuf; @@ -251,8 +251,8 @@ blobmsg_vprintf(struct blob_buf *buf, const char *name, const char *format, va_l return ret; } -int -blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, ...) +__attribute__((format(printf, 3, 4))) +int blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, ...) { va_list ap; int ret; diff --git a/ulog.c b/ulog.c index b7300e720d21..05946a0c3521 100644 --- a/ulog.c +++ b/ulog.c @@ -87,6 +87,7 @@ static void ulog_defaults(void) _ulog_initialized = 1; } +__attribute__((format(printf, 2, 0))) static void ulog_kmsg(int priority, const char *fmt, va_list ap) { FILE *kmsg; @@ -102,6 +103,7 @@ static void ulog_kmsg(int priority, const char *fmt, va_list ap) } } +__attribute__((format(printf, 2, 0))) static void ulog_stdio(int priority, const char *fmt, va_list ap) { FILE *out = stderr; @@ -112,6 +114,7 @@ static void ulog_stdio(int priority, const char *fmt, va_list ap) vfprintf(out, fmt, ap); } +__attribute__((format(printf, 2, 0))) static void ulog_syslog(int priority, const char *fmt, va_list ap) { vsyslog(priority, fmt, ap); From patchwork Thu Dec 19 21:58:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213722 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Th7GPSDR"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Pd3182z9sPL for ; Fri, 20 Dec 2019 08:59:17 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=a+mSIErsM+Ko9wGhglyDJoK7iihZ0AnXsrsRBJqAf8o=; b=Th7GPSDRPkjUGd GjkyFKTXtK6Vd4x+GLO/8Ndm1+I6AFhcNwO8UpHh9gLO4jvLRpY8GYP1zWd1TPQ45iSjHmJVqguTa vHi1cvqreT9qyz7DS0CkMhnROrTE4tu+YIqSEc6+T0qk7z7iHfeiYLl9A0rvDgfVeN0sYkJa/h5Ha Xam2LKy0b9uN1rscbTDx51YKGcXTaCAqvnWvEjn53m9sAFACEiL5j3Ls/NaQyoqp/5RtHe9QhzWQA C8ShH+wjwxTbQTwC26Auqn4Ecw3WRbSRxVan5haCQvY3ThT3HsainuACCCliofkT5nENwksCxM8Qq xoTqBgWBAR1ptiDoAwhA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3p6-0001AP-MI; Thu, 19 Dec 2019 21:59:08 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3om-0000r1-KI for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:51 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 9DCDA4B44; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id b19516bc; Thu, 19 Dec 2019 22:58:33 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:19 +0100 Message-Id: <20191219215836.21773-4-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135848_832982_4E03092F X-CRM114-Status: UNSURE ( 7.39 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 03/20] cmake: add more hardening compiler flags X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org In order to spot possible issues with direct impact on security during QA on CI (GCC version 6 and higher). Ref: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/ Signed-off-by: Petr Štetiar --- CMakeLists.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index da7d03c7fc21..0b0c9e316bfb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,7 +6,8 @@ PROJECT(ubox C) ADD_DEFINITIONS(-Wall -Werror) IF(CMAKE_C_COMPILER_VERSION VERSION_GREATER 6) - ADD_DEFINITIONS(-Wextra) + ADD_DEFINITIONS(-Wextra -Werror=implicit-function-declaration) + ADD_DEFINITIONS(-Wformat -Werror=format-security -Werror=format-nonliteral) ENDIF() ADD_DEFINITIONS(-Os -std=gnu99 -g3 -Wmissing-declarations -Wno-unused-parameter) From patchwork Thu Dec 19 21:58:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213725 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="O6QJK7wm"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5QG1Jflz9sPL for ; Fri, 20 Dec 2019 08:59:50 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=su6y31rkklTjcOSY1xWxmLOu4NJVIUg1dnYYhwqb4/0=; b=O6QJK7wmHk5IlT M+pjlN21zkBIkb2hJoz+9yiA7aBgm0v7L/sqNUUGk8qV+nWBda0X9U+Qv+Z4iM3EB5xQAv3bp1QYz 0kTPzcIy1x2noY5wG5K7RHoeT21o9vTCdfSLgbFa6yTVd0yp/mc4VSxxtlW7QxmUNd58q38qio9/I SCpyrXe03ujnVU32R041xYDZLJCFhlwoGChMy1zBds+I0LHIdpQ0FbTvwz+qmKqdK623z+m+DwJMq XKNVWJZiuBc11XDj1Tb/VVVXEbVR4pl3V8sNSg/rMuJbAmIuWJ9/vigQEsbPPRy51jPGpkQ9cuv9q k/99WV3TEAszg54cATww==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3pj-00020J-RM; Thu, 19 Dec 2019 21:59:47 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3om-0000r3-KG for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:52 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id C01D34B45; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 3053cf78; Thu, 19 Dec 2019 22:58:33 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:20 +0100 Message-Id: <20191219215836.21773-5-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135849_124963_F6178421 X-CRM114-Status: GOOD ( 13.87 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 04/20] tests: add unit tests covered with Clang sanitizers X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Currently we run all tests via Valgrind. This patch adds 2nd batch of tests which are compiled with Clang AddressSanitizer[1], LeakSanitizer[2] and UndefinedBehaviorSanitizer[3] in order to catch more issues during QA on CI. AddressSanitizer is a fast memory error detector. The tool can detect the following types of bugs: * Out-of-bounds accesses to heap, stack and globals * Use-after-free, use-after-return, use-after-scope * Double-free, invalid free LeakSanitizer is a run-time memory leak detector. It can be combined with AddressSanitizer to get both memory error and leak detection, or used in a stand-alone mode. UndefinedBehaviorSanitizer (UBSan) is a fast undefined behavior detector. UBSan modifies the program at compile-time to catch various kinds of undefined behavior during program execution, for example: * Using misaligned or null pointer * Signed integer overflow * Conversion to, from, or between floating-point types which would overflow the destination 1. http://clang.llvm.org/docs/AddressSanitizer.html 2. http://http://clang.llvm.org/docs/LeakSanitizer.html 3. http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html Signed-off-by: Petr Štetiar --- CMakeLists.txt | 12 +++ tests/CMakeLists.txt | 5 +- tests/cram/test_avl.t | 9 +++ tests/cram/test_base64.t | 30 ++++++- tests/cram/test_blobmsg.t | 15 ++++ tests/cram/test_jshn.t | 144 ++++++++++++++++++++++++++++++++++ tests/cram/test_json_script.t | 55 +++++++++++++ tests/cram/test_list.t | 20 +++++ tests/cram/test_runqueue.t | 12 +++ 9 files changed, 297 insertions(+), 5 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0b0c9e316bfb..dcd455c02dfb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -48,6 +48,14 @@ INSTALL(TARGETS ubox ubox-static ADD_SUBDIRECTORY(lua) ADD_SUBDIRECTORY(examples) +MACRO(ADD_UNIT_TEST_SAN name) + ADD_EXECUTABLE(${name}-san ${name}.c) + TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer -fsanitize=undefined,address,leak -fno-sanitize-recover=all) + TARGET_LINK_OPTIONS(${name}-san PRIVATE -fsanitize=undefined,address,leak) + TARGET_LINK_LIBRARIES(${name}-san ubox blobmsg_json json_script ${json}) + TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR}) +ENDMACRO(ADD_UNIT_TEST_SAN) + IF(UNIT_TESTING) ENABLE_TESTING() ADD_SUBDIRECTORY(tests) @@ -62,6 +70,10 @@ IF(EXISTS ${json}) SET_TARGET_PROPERTIES(blobmsg_json-static PROPERTIES OUTPUT_NAME blobmsg_json) + IF(UNIT_TESTING) + ADD_UNIT_TEST_SAN(jshn) + ENDIF(UNIT_TESTING) + ADD_EXECUTABLE(jshn jshn.c) TARGET_LINK_LIBRARIES(jshn blobmsg_json ${json}) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 1c448257a4d6..bd2205743318 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -8,6 +8,7 @@ ENDMACRO(ADD_UNIT_TEST) FILE(GLOB test_cases "test-*.c") FOREACH(test_case ${test_cases}) - GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE) - ADD_UNIT_TEST(${test_case}) + GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE) + ADD_UNIT_TEST(${test_case}) + ADD_UNIT_TEST_SAN(${test_case}) ENDFOREACH(test_case) diff --git a/tests/cram/test_avl.t b/tests/cram/test_avl.t index 19a8d21f1f3e..d8d1640008c6 100644 --- a/tests/cram/test_avl.t +++ b/tests/cram/test_avl.t @@ -9,3 +9,12 @@ check that avl is producing expected results: test_basics: delete 'one' element test_basics: for each element reverse: zero two twelve three ten six seven nine four five eleven eight test_basics: delete all elements + + $ test-avl-san + test_basics: insert: 0=zero 0=one 0=two 0=three 0=four 0=five 0=six 0=seven 0=eight 0=nine 0=ten 0=eleven 0=twelve + test_basics: insert duplicate: -1=zero -1=one -1=two -1=three -1=four -1=five -1=six -1=seven -1=eight -1=nine -1=ten -1=eleven -1=twelve + test_basics: first=eight last=zero + test_basics: for each element: eight eleven five four nine one seven six ten three twelve two zero + test_basics: delete 'one' element + test_basics: for each element reverse: zero two twelve three ten six seven nine four five eleven eight + test_basics: delete all elements diff --git a/tests/cram/test_base64.t b/tests/cram/test_base64.t index 0a7a9d5c026d..ade41fb1eb2a 100644 --- a/tests/cram/test_base64.t +++ b/tests/cram/test_base64.t @@ -20,14 +20,38 @@ check that base64 is producing expected results: 5 fooba 6 foobar + $ test-b64-san + 0 + 4 Zg== + 4 Zm8= + 4 Zm9v + 8 Zm9vYg== + 8 Zm9vYmE= + 8 Zm9vYmFy + 0 + 1 f + 2 fo + 3 foo + 4 foob + 5 fooba + 6 foobar + check that b64_encode and b64_decode assert invalid input - $ alias check="egrep '(dumped|Assertion)' | sed 's;.*\(b64_.*code\).*\(Assertion.*$\);\1: \2;' | LC_ALL=C sort" + $ alias check="egrep '(dumped|Assertion)' output.log | sed 's;.*\(b64_.*code\).*\(Assertion.*$\);\1: \2;' | LC_ALL=C sort" + + $ test-b64_decode 2> output.log; check + Aborted (core dumped) + b64_decode: Assertion `dest && targsize > 0' failed. + + $ test-b64_encode 2> output.log; check + Aborted (core dumped) + b64_encode: Assertion `dest && targsize > 0' failed. - $ test-b64_decode 2>&1 | check + $ test-b64_decode-san 2> output.log; check Aborted (core dumped) b64_decode: Assertion `dest && targsize > 0' failed. - $ test-b64_encode 2>&1 | check + $ test-b64_encode-san 2> output.log; check Aborted (core dumped) b64_encode: Assertion `dest && targsize > 0' failed. diff --git a/tests/cram/test_blobmsg.t b/tests/cram/test_blobmsg.t index 504a056f52c4..3a5801a5a0f4 100644 --- a/tests/cram/test_blobmsg.t +++ b/tests/cram/test_blobmsg.t @@ -15,3 +15,18 @@ check that blobmsg is producing expected results: \tworld : 2 (esc) } json: {"message":"Hello, world!","testdata":{"double":133.700000,"hello":1,"world":"2"},"list":[0,1,2,133.700000]} + + $ test-blobmsg-san + Message: Hello, world! + List: { + 0 + 1 + 2 + 133.700000 + } + Testdata: { + \tdouble : 133.700000 (esc) + \thello : 1 (esc) + \tworld : 2 (esc) + } + json: {"message":"Hello, world!","testdata":{"double":133.700000,"hello":1,"world":"2"},"list":[0,1,2,133.700000]} diff --git a/tests/cram/test_jshn.t b/tests/cram/test_jshn.t index 1881a3d639a5..b2f28534a737 100644 --- a/tests/cram/test_jshn.t +++ b/tests/cram/test_jshn.t @@ -9,12 +9,20 @@ check usage: Usage: jshn [-n] [-i] -r |-R |-o |-p |-w [2] + $ jshn-san + Usage: jshn-san [-n] [-i] -r |-R |-o |-p |-w + [2] + test bad json: $ jshn -r '[]' Failed to parse message data [1] + $ jshn-san -r '[]' + Failed to parse message data + [1] + test good json: $ jshn -r '{"foo": "bar", "baz": {"next": "meep"}}' @@ -24,16 +32,31 @@ test good json: json_add_string 'next' 'meep'; json_close_object; + $ jshn-san -r '{"foo": "bar", "baz": {"next": "meep"}}' + json_init; + json_add_string 'foo' 'bar'; + json_add_object 'baz'; + json_add_string 'next' 'meep'; + json_close_object; + test json from file: $ echo '[]' > test.json; jshn -R test.json Failed to parse message data [1] + $ echo '[]' > test.json; jshn-san -R test.json + Failed to parse message data + [1] + $ jshn -R nada.json Error opening nada.json [3] + $ jshn-san -R nada.json + Error opening nada.json + [3] + $ echo '{"foo": "bar", "baz": {"next": "meep"}}' > test.json; jshn -R test.json json_init; json_add_string 'foo' 'bar'; @@ -41,38 +64,74 @@ test json from file: json_add_string 'next' 'meep'; json_close_object; + $ echo '{"foo": "bar", "baz": {"next": "meep"}}' > test.json; jshn-san -R test.json + json_init; + json_add_string 'foo' 'bar'; + json_add_object 'baz'; + json_add_string 'next' 'meep'; + json_close_object; + test json formatting without prepared environment: $ jshn -p procd -w { } + $ jshn-san -p procd -w + { } + $ jshn -i -p procd -w { \t (esc) } + $ jshn-san -i -p procd -w + { + \t (esc) + } + $ jshn -i -n -p procd -w { \t (esc) } (no-eol) + $ jshn-san -i -n -p procd -w + { + \t (esc) + } (no-eol) + $ jshn -p procd -o test.json; cat test.json { } + $ jshn-san -p procd -o test.json; cat test.json + { } + $ jshn -i -p procd -o test.json; cat test.json { \t (esc) } + $ jshn-san -i -p procd -o test.json; cat test.json + { + \t (esc) + } + $ jshn -i -n -p procd -o test.json; cat test.json { \t (esc) } (no-eol) + $ jshn-san -i -n -p procd -o test.json; cat test.json + { + \t (esc) + } (no-eol) + $ chmod oug= test.json $ jshn -i -n -p procd -o test.json Error opening test.json [3] + $ jshn-san -i -n -p procd -o test.json + Error opening test.json + [3] $ rm -f test.json test json formatting with prepared environment: @@ -104,6 +163,9 @@ test json formatting with prepared environment: $ jshn -p procd -w { "name": "urngd", "script": "\/etc\/init.d\/urngd", "instances": { "instance1": { "command": [ "\/sbin\/urngd" ] } }, "triggers": [ ], "data": { } } + $ jshn-san -p procd -w + { "name": "urngd", "script": "\/etc\/init.d\/urngd", "instances": { "instance1": { "command": [ "\/sbin\/urngd" ] } }, "triggers": [ ], "data": { } } + $ jshn -i -p procd -w { \t"name": "urngd", (esc) @@ -123,6 +185,25 @@ test json formatting with prepared environment: \t} (esc) } + $ jshn-san -i -p procd -w + { + \t"name": "urngd", (esc) + \t"script": "/etc/init.d/urngd", (esc) + \t"instances": { (esc) + \t\t"instance1": { (esc) + \t\t\t"command": [ (esc) + \t\t\t\t"/sbin/urngd" (esc) + \t\t\t] (esc) + \t\t} (esc) + \t}, (esc) + \t"triggers": [ (esc) + \t\t (esc) + \t], (esc) + \t"data": { (esc) + \t\t (esc) + \t} (esc) + } + $ jshn -n -i -p procd -w { \t"name": "urngd", (esc) @@ -142,9 +223,31 @@ test json formatting with prepared environment: \t} (esc) } (no-eol) + $ jshn-san -n -i -p procd -w + { + \t"name": "urngd", (esc) + \t"script": "/etc/init.d/urngd", (esc) + \t"instances": { (esc) + \t\t"instance1": { (esc) + \t\t\t"command": [ (esc) + \t\t\t\t"/sbin/urngd" (esc) + \t\t\t] (esc) + \t\t} (esc) + \t}, (esc) + \t"triggers": [ (esc) + \t\t (esc) + \t], (esc) + \t"data": { (esc) + \t\t (esc) + \t} (esc) + } (no-eol) + $ jshn -p procd -o test.json; cat test.json { "name": "urngd", "script": "\/etc\/init.d\/urngd", "instances": { "instance1": { "command": [ "\/sbin\/urngd" ] } }, "triggers": [ ], "data": { } } + $ jshn-san -p procd -o test.json; cat test.json + { "name": "urngd", "script": "\/etc\/init.d\/urngd", "instances": { "instance1": { "command": [ "\/sbin\/urngd" ] } }, "triggers": [ ], "data": { } } + $ jshn -i -p procd -o test.json; cat test.json { \t"name": "urngd", (esc) @@ -164,6 +267,25 @@ test json formatting with prepared environment: \t} (esc) } + $ jshn-san -i -p procd -o test.json; cat test.json + { + \t"name": "urngd", (esc) + \t"script": "/etc/init.d/urngd", (esc) + \t"instances": { (esc) + \t\t"instance1": { (esc) + \t\t\t"command": [ (esc) + \t\t\t\t"/sbin/urngd" (esc) + \t\t\t] (esc) + \t\t} (esc) + \t}, (esc) + \t"triggers": [ (esc) + \t\t (esc) + \t], (esc) + \t"data": { (esc) + \t\t (esc) + \t} (esc) + } + $ jshn -n -i -p procd -o test.json; cat test.json { \t"name": "urngd", (esc) @@ -183,7 +305,29 @@ test json formatting with prepared environment: \t} (esc) } (no-eol) + $ jshn-san -n -i -p procd -o test.json; cat test.json + { + \t"name": "urngd", (esc) + \t"script": "/etc/init.d/urngd", (esc) + \t"instances": { (esc) + \t\t"instance1": { (esc) + \t\t\t"command": [ (esc) + \t\t\t\t"/sbin/urngd" (esc) + \t\t\t] (esc) + \t\t} (esc) + \t}, (esc) + \t"triggers": [ (esc) + \t\t (esc) + \t], (esc) + \t"data": { (esc) + \t\t (esc) + \t} (esc) + } (no-eol) + $ chmod oug= test.json $ jshn -n -i -p procd -o test.json Error opening test.json [3] + $ jshn-san -n -i -p procd -o test.json + Error opening test.json + [3] diff --git a/tests/cram/test_json_script.t b/tests/cram/test_json_script.t index 3e80a5c10b81..4af7f5414ab5 100644 --- a/tests/cram/test_json_script.t +++ b/tests/cram/test_json_script.t @@ -3,6 +3,7 @@ set test bin path: $ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH" $ export TEST_INPUTS="$TESTDIR/inputs" $ alias js="valgrind --quiet --leak-check=full test-json-script" + $ alias js-san="test-json-script-san" check that json-script is producing expected results: @@ -10,25 +11,46 @@ check that json-script is producing expected results: Usage: test-json-script [VARNAME=value] [254] + $ js-san + Usage: test-json-script-san [VARNAME=value] + [254] + $ echo '}' > test.json; js test.json load JSON data from test.json failed. + $ echo '}' > test.json; js-san test.json + load JSON data from test.json failed. + $ js nada.json 2>&1 | grep load.*failed load JSON data from nada.json failed. + $ js-san nada.json 2>&1 | grep load.*failed + load JSON data from nada.json failed. + $ echo '[ [ ] [ ] ]' > test.json; js test.json load JSON data from test.json failed. + $ echo '[ [ ] [ ] ]' > test.json; js-san test.json + load JSON data from test.json failed. + check example json-script: $ js $TEST_INPUTS/json-script.json exec /%/ exec_if_or + $ js-san $TEST_INPUTS/json-script.json + exec /%/ + exec_if_or + $ js EXECVAR=meh ORVAR=meep $TEST_INPUTS/json-script.json exec meh /%/ exec_if_or meep + $ js-san EXECVAR=meh ORVAR=meep $TEST_INPUTS/json-script.json + exec meh /%/ + exec_if_or meep + check has expression: $ echo ' @@ -43,12 +65,21 @@ check has expression: $ js VAR=foo test.json echo bar + $ js-san VAR=foo test.json + echo bar + $ js VAR=bar test.json echo bar + $ js-san VAR=bar test.json + echo bar + $ js test.json echo baz + $ js-san test.json + echo baz + check eq expression: $ echo ' @@ -63,12 +94,21 @@ check eq expression: $ js VAR=bar test.json echo foo + $ js-san VAR=bar test.json + echo foo + $ js VAR=xxx test.json echo baz + $ js-san VAR=xxx test.json + echo baz + $ js test.json echo baz + $ js-san test.json + echo baz + check regex single expression: $ echo ' @@ -83,14 +123,29 @@ check regex single expression: $ js VAR=hello test.json echo bar + $ js-san VAR=hello test.json + echo bar + $ js VAR=.ell. test.json echo bar + $ js-san VAR=.ell. test.json + echo bar + $ js test.json echo baz + $ js-san test.json + echo baz + $ js VAR= test.json echo baz + $ js-san VAR= test.json + echo baz + $ js VAR=hell test.json echo baz + + $ js-san VAR=hell test.json + echo baz diff --git a/tests/cram/test_list.t b/tests/cram/test_list.t index f7f18bd3746d..81affad29f83 100644 --- a/tests/cram/test_list.t +++ b/tests/cram/test_list.t @@ -20,3 +20,23 @@ check that list is producing expected results: test_basics: list_for_each_entry_reverse: one eleven ten nine eight seven six five four three two test_basics: delete all entries test_basics: list_empty: yes + + $ test-list-san + test_basics: list_empty: yes + test_basics: list_add_tail: zero one two three four five six seven eight nine ten eleven twelve + test_basics: list_empty: no + test_basics: first=zero last=twelve + test_basics: 'zero' is first, yes + test_basics: 'twelve' is last, yes + test_basics: removing 'twelve' and 'zero' + test_basics: first=one last=eleven + test_basics: 'one' is first, yes + test_basics: 'eleven' is last, yes + test_basics: moving 'one' to the tail + test_basics: first=two last=one + test_basics: 'two' is first, yes + test_basics: 'one' is last, yes + test_basics: list_for_each_entry: two three four five six seven eight nine ten eleven one + test_basics: list_for_each_entry_reverse: one eleven ten nine eight seven six five four three two + test_basics: delete all entries + test_basics: list_empty: yes diff --git a/tests/cram/test_runqueue.t b/tests/cram/test_runqueue.t index 4d4911047c18..227f41429557 100644 --- a/tests/cram/test_runqueue.t +++ b/tests/cram/test_runqueue.t @@ -12,3 +12,15 @@ check that runqueue is producing expected results: [1/1] cancel 'sleep 1' [0/1] finish 'sleep 1' All done! + + $ test-runqueue-san + [1/1] start 'sleep 1' + [1/1] cancel 'sleep 1' + [0/1] finish 'sleep 1' + [1/1] start 'sleep 1' + [1/1] cancel 'sleep 1' + [0/1] finish 'sleep 1' + [1/1] start 'sleep 1' + [1/1] cancel 'sleep 1' + [0/1] finish 'sleep 1' + All done! From patchwork Thu Dec 19 21:58:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213726 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Gmh8FMiL"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5R70bnzz9sPL for ; Fri, 20 Dec 2019 09:00:35 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=QKI7/jPJDoH2+Sj5+NcNmjUDo8UvJOmyK7/X6eiaZGA=; b=Gmh8FMiLjX1dXh llUTDgyvflfMjdP48JZ4MCh9nQG25Tk10TM5bPsVbhrgEvm6l6oy6/I/LgiaddeSyVLyO4/l1HqYf IG/f9c/TvYiSHOX9c9Crn3rfWjh8f2aqGT6epzXrJobxeKJQBviW5Qk2qNgcZ8QEoVlGMGEeIXFsB y/6uq/ZmHh2+GXOoRZ8T141ezxtRp3h3Uim+XXt9QHnQIbluH1Mmlprll4OfIqIzoJx5q8gzPL5AU 02OKTaKmJCLQzKHnTnbGtqwoxLvirlFNTqcNk61F5iZcgE6minCUC5A0rQ4ewDpVQP/CGpuSe2xOi tj2cohcN9VWtdfcuS8jg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3qL-0004Gu-JO; Thu, 19 Dec 2019 22:00:25 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3op-0000sz-ND for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:54 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id CF53C4B47; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id b2715cf5; Thu, 19 Dec 2019 22:58:34 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:21 +0100 Message-Id: <20191219215836.21773-6-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135851_926004_9B28BED9 X-CRM114-Status: GOOD ( 12.35 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 05/20] tests: add libFuzzer based tests X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org LibFuzzer is in-process, coverage-guided, evolutionary fuzzing engine. LibFuzzer is linked with the library under test, and feeds fuzzed inputs to the library via a specific fuzzing entrypoint (aka "target function"); the fuzzer then tracks which areas of the code are reached, and generates mutations on the corpus of input data in order to maximize the code coverage. Lets use libFuzzer to fuzz blob and blobmsg parsing for the start. Ref: https://llvm.org/docs/LibFuzzer.html Signed-off-by: Petr Štetiar --- tests/CMakeLists.txt | 4 + tests/fuzz/CMakeLists.txt | 18 +++++ .../71520a5c4b5ca73903216857abbad54a8002d44a | Bin 0 -> 2 bytes .../c1dfd96eea8cc2b62785275bca38ac261256e278 | 1 + .../c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 | Bin 0 -> 3 bytes tests/fuzz/corpus/valid-blobmsg.bin | Bin 0 -> 176 bytes tests/fuzz/test-fuzz.c | 76 ++++++++++++++++++ 7 files changed, 99 insertions(+) create mode 100644 tests/fuzz/CMakeLists.txt create mode 100644 tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a create mode 100644 tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278 create mode 100644 tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 create mode 100644 tests/fuzz/corpus/valid-blobmsg.bin create mode 100644 tests/fuzz/test-fuzz.c diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index bd2205743318..0cb33427e45a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -12,3 +12,7 @@ FOREACH(test_case ${test_cases}) ADD_UNIT_TEST(${test_case}) ADD_UNIT_TEST_SAN(${test_case}) ENDFOREACH(test_case) + +IF(CMAKE_C_COMPILER_ID STREQUAL "Clang") + ADD_SUBDIRECTORY(fuzz) +ENDIF() diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt new file mode 100644 index 000000000000..cca74fd6ca12 --- /dev/null +++ b/tests/fuzz/CMakeLists.txt @@ -0,0 +1,18 @@ +FILE(GLOB test_cases "test-*.c") + +MACRO(ADD_FUZZER_TEST name) + ADD_EXECUTABLE(${name} ${name}.c) + TARGET_COMPILE_OPTIONS(${name} PRIVATE -g -O1 -fno-omit-frame-pointer -fsanitize=fuzzer,address,leak,undefined) + TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR}) + TARGET_LINK_OPTIONS(${name} PRIVATE -stdlib=libc++ -fsanitize=fuzzer,address,leak,undefined) + TARGET_LINK_LIBRARIES(${name} ubox blobmsg_json json_script ${json}) + ADD_TEST( + NAME ${name} + COMMAND ${name} -max_len=256 -timeout=10 -max_total_time=300 ${CMAKE_CURRENT_SOURCE_DIR}/corpus + ) +ENDMACRO(ADD_FUZZER_TEST) + +FOREACH(test_case ${test_cases}) + GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE) + ADD_FUZZER_TEST(${test_case}) +ENDFOREACH(test_case) diff --git a/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a b/tests/fuzz/corpus/71520a5c4b5ca73903216857abbad54a8002d44a new file mode 100644 index 0000000000000000000000000000000000000000..b4e009dd6d7e91ff56595a84010db2eb81e41622 GIT binary patch literal 2 Jcmcb}0004`0MY;e literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278 b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278 new file mode 100644 index 000000000000..62f9457511f8 --- /dev/null +++ b/tests/fuzz/corpus/c1dfd96eea8cc2b62785275bca38ac261256e278 @@ -0,0 +1 @@ +6 \ No newline at end of file diff --git a/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 b/tests/fuzz/corpus/c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 new file mode 100644 index 0000000000000000000000000000000000000000..3d70d85eba81360f757bc71859316667610c5339 GIT binary patch literal 3 KcmZQ%U<3dF2LJ;A literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/valid-blobmsg.bin b/tests/fuzz/corpus/valid-blobmsg.bin new file mode 100644 index 0000000000000000000000000000000000000000..2d0c68e8a1273ae12ac6d4401c7471927809a926 GIT binary patch literal 176 zcmZo>V31>A&rK~ZPE1c_U|{e_&B@8vQ7F$Z%1KcK@*9Cd3@kaB#U%_3tqcr2Kp`+d zVlyJKnK~F4BpBFI@=KF)K*ljRBy39qfhLeS93`p6B`Jv|i3|+5)B(*BU|`JvxdNn} Rv6+E^kAW5J90ntx007e$BMSfk literal 0 HcmV?d00001 diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c new file mode 100644 index 000000000000..7153847e0825 --- /dev/null +++ b/tests/fuzz/test-fuzz.c @@ -0,0 +1,76 @@ +#include +#include +#include + +#include "blob.h" +#include "blobmsg.h" + +static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) +{ + enum { + FOO_MESSAGE, + FOO_LIST, + FOO_TESTDATA, + __FOO_MAX + }; + + static const struct blobmsg_policy foo_policy[] = { + [FOO_MESSAGE] = { + .name = "message", + .type = BLOBMSG_TYPE_STRING, + }, + [FOO_LIST] = { + .name = "list", + .type = BLOBMSG_TYPE_ARRAY, + }, + [FOO_TESTDATA] = { + .name = "testdata", + .type = BLOBMSG_TYPE_TABLE, + }, + }; + + struct blob_attr *tb[__FOO_MAX]; + + blobmsg_parse(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); + blobmsg_parse_array(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); +} + +static void fuzz_blob_parse(const uint8_t *data, size_t size) +{ + enum { + FOO_ATTR_NESTED, + FOO_ATTR_BINARY, + FOO_ATTR_STRING, + FOO_ATTR_INT8, + FOO_ATTR_INT16, + FOO_ATTR_INT32, + FOO_ATTR_INT64, + FOO_ATTR_DOUBLE, + __FOO_ATTR_MAX + }; + + + static const struct blob_attr_info foo_policy[__FOO_ATTR_MAX] = { + [FOO_ATTR_NESTED] = { .type = BLOB_ATTR_NESTED }, + [FOO_ATTR_BINARY] = { .type = BLOB_ATTR_BINARY }, + [FOO_ATTR_STRING] = { .type = BLOB_ATTR_STRING }, + [FOO_ATTR_INT8] = { .type = BLOB_ATTR_INT8 }, + [FOO_ATTR_INT16] = { .type = BLOB_ATTR_INT16 }, + [FOO_ATTR_INT32] = { .type = BLOB_ATTR_INT32 }, + [FOO_ATTR_INT64] = { .type = BLOB_ATTR_INT64 }, + [FOO_ATTR_DOUBLE] = { .type = BLOB_ATTR_DOUBLE }, + }; + + struct blob_attr *foo[__FOO_ATTR_MAX]; + struct blob_attr *buf = (struct blob_attr *)data; + + blob_parse(buf, foo, foo_policy, __FOO_ATTR_MAX); +} + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + fuzz_blob_parse(data, size); + fuzz_blobmsg_parse(data, size); + + return 0; +} From patchwork Thu Dec 19 21:58:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213731 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="O3qZJfDG"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5S31j4Tz9sPT for ; Fri, 20 Dec 2019 09:01:23 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=orHf0nAiqjM3EMlbkJ8IB5pfcbVo31ZfLRiJmRTSe4I=; b=O3qZJfDGBNYvfL TD6refHTD/0ZpSqkWmOGQw6avBRd8841Fot3aTuLx6hkMdTcVmGTPCQ4YOA23Z0QOk7s1iMob+cH7 kJIjxPXj5tJUoXSvR7u7r08wSAwkwT/BjCB4gNq4prrgGnttDRRk37HU7WjvX+oUuhI+1qL7CoTUG UDKq7hcEnby2Cqp/mG2ziCrWJ1bGQvwvK3iPsnMak4pQnAD8pPcKmmurIQyDIQ5224Eu1qcMuT2A8 b3vPGP66ojzw15+gPS+xgN376Q8iKmI5ipWV0IbTOGhZAATH+j0hk77j0vSAjLx8mnhpC6Jss9SBt x59CEo3lVXVmvtANNJKg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3rA-0005aK-1z; Thu, 19 Dec 2019 22:01:16 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000tY-Ei for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:57 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id F16A44B48; Thu, 19 Dec 2019 22:58:46 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id ecd318df; Thu, 19 Dec 2019 22:58:34 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:22 +0100 Message-Id: <20191219215836.21773-7-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_677059_3818EB4C X-CRM114-Status: GOOD ( 16.02 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 06/20] tests: add test cases for blob parsing X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Increasing test coverage. Signed-off-by: Petr Štetiar --- tests/cram/inputs/invalid.ucert | Bin 0 -> 362 bytes tests/cram/inputs/key-build.ucert | Bin 0 -> 356 bytes tests/cram/test_blob_parse.t | 76 +++++++++++++ tests/test-blob-parse.c | 175 ++++++++++++++++++++++++++++++ 4 files changed, 251 insertions(+) create mode 100644 tests/cram/inputs/invalid.ucert create mode 100644 tests/cram/inputs/key-build.ucert create mode 100644 tests/cram/test_blob_parse.t create mode 100644 tests/test-blob-parse.c diff --git a/tests/cram/inputs/invalid.ucert b/tests/cram/inputs/invalid.ucert new file mode 100644 index 0000000000000000000000000000000000000000..dbdeb725d490b51fb442ae3c5a5b90a32376f108 GIT binary patch literal 362 zcmZwDyHbNt5P;!Lp`+9mmXtaa8pj0Uj74IIQG^6@K{AdraLxfvJmkVPPw-31Uf?$C_TsUrr8PYjbt&|wj_P)<(Qp~$*0OhO zXW{fp_l6esQJNUkNV+UjQQEv4(A7!H#E$FbN4eLYChq8*g9^aM6Tmxc#fStEyaMdO z&U%cp1t~8t0WSdiu$x$nVkemUn|OclmH&3KTF`)mRcW& zjx5I8F=cqI|BJ0B6vY_z0WNxQ Amp~XIs#+bmp7r6D(2X7dCdj<@`gJN|wF2w-=WI2*4D{^NeTL^k7{gfd*& r|CMc|6e)FzOyAO7W!fBSQm3h@6O{>;uBdHch+F1Ww valgrind --quiet --leak-check=full test-blob-parse $blob; \ + > test-blob-parse-san $blob; \ + > done + cannot parse cert 71520a5c4b5ca73903216857abbad54a8002d44a + cannot parse cert 71520a5c4b5ca73903216857abbad54a8002d44a + cannot parse cert c1dfd96eea8cc2b62785275bca38ac261256e278 + cannot parse cert c1dfd96eea8cc2b62785275bca38ac261256e278 + cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 + cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 + cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f + cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f + cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 + cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 + cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b + cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b + cannot parse cert crash-75b146c4e6fac64d3e62236b27c64b50657bab2a + cannot parse cert crash-75b146c4e6fac64d3e62236b27c64b50657bab2a + cannot parse cert crash-813f3e68661da09c26d4a87dbb9d5099e92be50f + cannot parse cert crash-813f3e68661da09c26d4a87dbb9d5099e92be50f + cannot parse cert crash-98595faa58ba01d85ba4fd0b109cd3d490b45795 + cannot parse cert crash-98595faa58ba01d85ba4fd0b109cd3d490b45795 + cannot parse cert crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 + cannot parse cert crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1 + cannot parse cert crash-df9d1243057b27bbad6211e5a23d1cb699028aa2 + cannot parse cert crash-df9d1243057b27bbad6211e5a23d1cb699028aa2 + cannot parse cert crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 + cannot parse cert crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 + cannot parse cert valid-blobmsg.bin + cannot parse cert valid-blobmsg.bin diff --git a/tests/test-blob-parse.c b/tests/test-blob-parse.c new file mode 100644 index 000000000000..6b1fb56485da --- /dev/null +++ b/tests/test-blob-parse.c @@ -0,0 +1,175 @@ +/* + * Based on certificate dump functionality from ucert.c: + * + * Copyright (C) 2018 Daniel Golle + * SPDX-License-Identifier: GPL-3.0 + * + */ + +#include +#include +#include +#include + +#include "blob.h" +#include "list.h" +#include "blobmsg_json.h" + +#define CERT_BUF_LEN 4096 + +/* + * ucert structure + * | BLOB | + * | SIGNATURE | PAYLOAD | + * | |[ BLOBMSG CONTAINER ]| + * | |[[T,i,v,e,f,pubkey ]]| + */ +enum cert_attr { + CERT_ATTR_SIGNATURE, + CERT_ATTR_PAYLOAD, + CERT_ATTR_MAX +}; + +static const struct blob_attr_info cert_policy[CERT_ATTR_MAX] = { + [CERT_ATTR_SIGNATURE] = { .type = BLOB_ATTR_BINARY }, + [CERT_ATTR_PAYLOAD] = { .type = BLOB_ATTR_NESTED }, +}; + +enum cert_cont_attr { + CERT_CT_ATTR_PAYLOAD, + CERT_CT_ATTR_MAX +}; + +enum cert_payload_attr { + CERT_PL_ATTR_CERTTYPE, + CERT_PL_ATTR_CERTID, + CERT_PL_ATTR_VALIDFROMTIME, + CERT_PL_ATTR_EXPIRETIME, + CERT_PL_ATTR_PUBKEY, + CERT_PL_ATTR_KEY_FINGERPRINT, + CERT_PL_ATTR_MAX +}; + +enum certtype_id { + CERTTYPE_UNSPEC, + CERTTYPE_AUTH, + CERTTYPE_REVOKE +}; + +/* list to store certificate chain at runtime */ +struct cert_object { + struct list_head list; + struct blob_attr *cert[CERT_ATTR_MAX]; +}; + +static int cert_load(const char *certfile, struct list_head *chain) +{ + FILE *f; + struct blob_attr *certtb[CERT_ATTR_MAX]; + struct blob_attr *bufpt; + struct cert_object *cobj; + char filebuf[CERT_BUF_LEN]; + int ret = 0, pret = 0; + size_t len, pos = 0; + + f = fopen(certfile, "r"); + if (!f) + return 1; + + len = fread(&filebuf, 1, CERT_BUF_LEN - 1, f); + if (len < 64) + return 1; + + ret = ferror(f) || !feof(f); + fclose(f); + if (ret) + return 1; + + bufpt = (struct blob_attr *)filebuf; + do { + pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX); + if (pret <= 0) + /* no attributes found */ + break; + + if (pos + blob_pad_len(bufpt) > len) + /* blob exceeds filebuffer */ + break; + else + pos += blob_pad_len(bufpt); + + if (!certtb[CERT_ATTR_SIGNATURE]) + /* no signature -> drop */ + break; + + cobj = calloc(1, sizeof(*cobj)); + cobj->cert[CERT_ATTR_SIGNATURE] = blob_memdup(certtb[CERT_ATTR_SIGNATURE]); + if (certtb[CERT_ATTR_PAYLOAD]) + cobj->cert[CERT_ATTR_PAYLOAD] = blob_memdup(certtb[CERT_ATTR_PAYLOAD]); + + list_add_tail(&cobj->list, chain); + ret += pret; + /* repeat parsing while there is still enough remaining data in buffer */ + } while(len > pos + sizeof(struct blob_attr) && (bufpt = blob_next(bufpt))); + + return (ret <= 0); +} + +/* dump single chain element to console */ +static void cert_dump_blob(struct blob_attr *cert[CERT_ATTR_MAX]) +{ + int i; + char *json = NULL; + + for (i = 0; i < CERT_ATTR_MAX; i++) { + struct blob_attr *v = cert[i]; + + if (!v) + continue; + + switch(cert_policy[i].type) { + case BLOB_ATTR_BINARY: + fprintf(stdout, "signature:\n---\n%s---\n", (char *) blob_data(v)); + break; + case BLOB_ATTR_NESTED: + json = blobmsg_format_json_indent(blob_data(v), false, 0); + if (!json) + continue; + + fprintf(stdout, "payload:\n---\n%s\n---\n", json); + free(json); + break; + } + } +} + +static int cert_dump(const char *certfile) +{ + struct cert_object *cobj; + static LIST_HEAD(certchain); + unsigned int count = 0; + + if (cert_load(certfile, &certchain)) { + fprintf(stderr, "cannot parse cert %s\n", basename((char *) certfile)); + return 1; + } + + list_for_each_entry(cobj, &certchain, list) { + fprintf(stdout, "=== CHAIN ELEMENT %02u ===\n", ++count); + cert_dump_blob(cobj->cert); + } + + return 0; +} + +int main(int argc, char *argv[]) +{ + if (argc != 2) { + fprintf(stderr, "Usage: %s \n", argv[0]); + return 3; + } + + cert_dump(argv[1]); + + return 0; +} From patchwork Thu Dec 19 21:58:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213729 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="DNcSpFvG"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Rb6KJtz9sPT for ; Fri, 20 Dec 2019 09:00:59 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=4/KdwjIjyWBW4pfAdJW5gQSagPwrjhu7k0x1mqJ4Pv4=; b=DNcSpFvGKpo18Y x4xGsi0DudQxEvhoW/7ldeYwwH7OhyR099nEks5EfWGk0tCpws5JXHuCjeiReUP+HwH4NXfK+Xpvz /7iQgivjbIRa2KpuvLbyDwljFAnN2qIa5RUl5cpjkpAO8/8Yv0swZzolYnKbStNISb6YbebRQT46q CoiX5v9FPBY9/0/f1fyiAFgVzoO/J501M8aJG273ez0CnnR735da3XUgp0g7LSDhWbhXF678DvPXL fYO1ufG8qmvubAO4EgiYCOmzvpgGLyds+mj1L5A3wY+M0kxHVS7B6ZB0Cxj/WT9qJkIhNL8cjlHKR 2VWqE8ZNPzjnIM5n17tg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3qo-00057Z-GB; Thu, 19 Dec 2019 22:00:54 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000tZ-DQ for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:54 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 3D4B34B4B; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 232d54b3; Thu, 19 Dec 2019 22:58:35 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:24 +0100 Message-Id: <20191219215836.21773-9-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_634942_1500EE51 X-CRM114-Status: GOOD ( 11.14 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 08/20] blob: refactor attr parsing into separate function X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Making blob_parse easier to review. Signed-off-by: Petr Štetiar --- blob.c | 61 +++++++++++++++++++++++++++++++++------------------------- 1 file changed, 35 insertions(+), 26 deletions(-) diff --git a/blob.c b/blob.c index 9b3d8abe330a..ee93894b9e6f 100644 --- a/blob.c +++ b/blob.c @@ -217,44 +217,53 @@ blob_check_type(const void *ptr, unsigned int len, int type) return true; } -int -blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max) +static int +blob_parse_attr(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max) { - struct blob_attr *pos; int found = 0; - size_t rem; + int id = blob_id(attr); + size_t len = blob_len(attr); - memset(data, 0, sizeof(struct blob_attr *) * max); - blob_for_each_attr(pos, attr, rem) { - int id = blob_id(pos); - size_t len = blob_len(pos); + if (id >= max) + return 0; - if (id >= max) - continue; + if (info) { + int type = info[id].type; - if (info) { - int type = info[id].type; + if (type < BLOB_ATTR_LAST) { + if (!blob_check_type(blob_data(attr), len, type)) + return 0; + } - if (type < BLOB_ATTR_LAST) { - if (!blob_check_type(blob_data(pos), len, type)) - continue; - } + if (info[id].minlen && len < info[id].minlen) + return 0; - if (info[id].minlen && len < info[id].minlen) - continue; + if (info[id].maxlen && len > info[id].maxlen) + return 0; - if (info[id].maxlen && len > info[id].maxlen) - continue; + if (info[id].validate && !info[id].validate(&info[id], attr)) + return 0; + } - if (info[id].validate && !info[id].validate(&info[id], pos)) - continue; - } + if (!data[id]) + found++; - if (!data[id]) - found++; + data[id] = attr; + return found; +} - data[id] = pos; +int +blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max) +{ + struct blob_attr *pos; + int found = 0; + size_t rem; + + memset(data, 0, sizeof(struct blob_attr *) * max); + blob_for_each_attr(pos, attr, rem) { + found += blob_parse_attr(pos, data, info, max); } + return found; } From patchwork Thu Dec 19 21:58:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213728 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Mi678JVk"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5RL2fPyz9sR1 for ; Fri, 20 Dec 2019 09:00:45 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=zjXWjrg0NozVfUHNZLScjpc/BcmsusYaSP3UDA4muiE=; b=Mi678JVk4KKClQ RbVjStWiCjUdHka/vkcOu3Ad87jGXUyaYnFq+G7cW3VRhpZiKS+x7Qpm65WwOiTIuJ9ctA7y8WB6Y NZ8IczpXB2tFGJ4p5Co1eG6fS+PIwhFYuPUic3EZxLVAqO099mvg3iFsEKxVbBqOBbor5nUv/zXWp rk9G98WMJI1KhaZWcT8W754XIJzEi03P9fgFHyIe66VATH1HsgVwNmJ8QJ/m8FDN/85nZkgMnZysH 6dcFhUXbLfuOR6ufQGCDMhz19taUloKy0H2g7F1w7TyyHyDG+IqMvniW3aSDMpzJOFJm/7380bOuM BE4VI/hIBu6Ucq+bUIGQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3qd-0004rk-Cx; Thu, 19 Dec 2019 22:00:43 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000ta-Eo for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:55 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 47C494B4C; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id dafc6f3d; Thu, 19 Dec 2019 22:58:35 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:25 +0100 Message-Id: <20191219215836.21773-10-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_706390_0AF8929D X-CRM114-Status: UNSURE ( 9.47 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 09/20] blob: introduce blob_parse_untrusted X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org blob_parse can be only used on trusted input as it has no possibility to check the length of the provided input buffer, which might lead to undefined behaviour and/or crashes when supplied with malformed, corrupted or otherwise specially crafted input. So this introduces blob_parse_untrusted variant which expects additional input buffer length argument and thus should be able to process also inputs from untrusted sources. Signed-off-by: Petr Štetiar --- blob.c | 24 ++++++++++++++++++++++++ blob.h | 7 +++++++ 2 files changed, 31 insertions(+) diff --git a/blob.c b/blob.c index ee93894b9e6f..dc908d9ea745 100644 --- a/blob.c +++ b/blob.c @@ -252,6 +252,30 @@ blob_parse_attr(struct blob_attr *attr, struct blob_attr **data, const struct bl return found; } +int +blob_parse_untrusted(struct blob_attr *attr, size_t attr_len, struct blob_attr **data, const struct blob_attr_info *info, int max) +{ + struct blob_attr *pos; + size_t len = 0; + int found = 0; + size_t rem; + + if (!attr || attr_len < sizeof(struct blob_attr)) + return 0; + + len = blob_raw_len(attr); + if (len != attr_len) + return 0; + + memset(data, 0, sizeof(struct blob_attr *) * max); + blob_for_each_attr_len(pos, attr, len, rem) { + found += blob_parse_attr(pos, rem, data, info, max); + } + + return found; +} + +/* use only on trusted input, otherwise consider blob_parse_untrusted */ int blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max) { diff --git a/blob.h b/blob.h index d34652229b59..af033607e309 100644 --- a/blob.h +++ b/blob.h @@ -199,6 +199,7 @@ extern void blob_nest_end(struct blob_buf *buf, void *cookie); extern struct blob_attr *blob_put(struct blob_buf *buf, int id, const void *ptr, unsigned int len); extern bool blob_check_type(const void *ptr, unsigned int len, int type); extern int blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max); +extern int blob_parse_untrusted(struct blob_attr *attr, size_t attr_len, struct blob_attr **data, const struct blob_attr_info *info, int max); extern struct blob_attr *blob_memdup(struct blob_attr *attr); extern struct blob_attr *blob_put_raw(struct blob_buf *buf, const void *ptr, unsigned int len); @@ -254,5 +255,11 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val) (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) +#define blob_for_each_attr_len(pos, attr, attr_len, rem) \ + for (rem = attr ? blob_len(attr) : 0, \ + pos = (struct blob_attr *) (attr ? blob_data(attr) : NULL); \ + rem >= sizeof(struct blob_attr) && rem < attr_len && (blob_pad_len(pos) <= rem) && \ + (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ + rem -= blob_pad_len(pos), pos = blob_next(pos)) #endif From patchwork Thu Dec 19 21:58:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213732 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="F+nfCkdx"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5SC5Tmqz9sPL for ; Fri, 20 Dec 2019 09:01:31 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=B4Lie//25bvnfoBklvRe68C5ymSo4ssraYXdoKkFaYM=; b=F+nfCkdxE8sW/L YVxV+63rGvyGasTSiFj3rFqIbPCEx/U1flo3QVwdJH5YXpZmxBMmCrmjd1f8FPdRkuNgnx7DPN6Y0 kkdtuhgSdqeYDp35IF35zptc572DNavpiyadmYIuHcI1BLxORT66jFDPMRjyZbVNwkynvICzclojq 3aplKfi5nCDcg1ev+pyHBmt6VznJZTV0UeLsuIx40/LOHlMDYVNmXjxBH5lIvfTFOePsTjsTuNcrO JIIg7ocdEH6dK0DCAXpAKg13SQmLHyebo1cNuzvZV2gkehjmodbuBlMBhD1i4azu43zywbGAlMUVv X1Ij1p+1LrRZq0m0ea2w==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3rO-000620-8F; Thu, 19 Dec 2019 22:01:30 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000tb-K2 for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:57 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 8802A4B4D; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 3b448435; Thu, 19 Dec 2019 22:58:36 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:26 +0100 Message-Id: <20191219215836.21773-11-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_830120_A7DF318A X-CRM114-Status: UNSURE ( 9.30 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 10/20] tests: use blob_parse_untrusted variant X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org In order to be able to use invalid input for testing as well. Signed-off-by: Petr Štetiar --- tests/fuzz/test-fuzz.c | 2 +- tests/test-blob-parse.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c index 7153847e0825..52f2bbce878f 100644 --- a/tests/fuzz/test-fuzz.c +++ b/tests/fuzz/test-fuzz.c @@ -64,7 +64,7 @@ static void fuzz_blob_parse(const uint8_t *data, size_t size) struct blob_attr *foo[__FOO_ATTR_MAX]; struct blob_attr *buf = (struct blob_attr *)data; - blob_parse(buf, foo, foo_policy, __FOO_ATTR_MAX); + blob_parse_untrusted(buf, size, foo, foo_policy, __FOO_ATTR_MAX); } int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) diff --git a/tests/test-blob-parse.c b/tests/test-blob-parse.c index 6b1fb56485da..6d65eb4995b5 100644 --- a/tests/test-blob-parse.c +++ b/tests/test-blob-parse.c @@ -87,7 +87,7 @@ static int cert_load(const char *certfile, struct list_head *chain) bufpt = (struct blob_attr *)filebuf; do { - pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX); + pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy, CERT_ATTR_MAX); if (pret <= 0) /* no attributes found */ break; From patchwork Thu Dec 19 21:58:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213733 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="fWTvdoD2"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Sd59XRz9sPL for ; Fri, 20 Dec 2019 09:01:53 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=G7ZOkThDTNv13txCbxQ6iElZhstfvdoYfTK0tsamx8c=; b=fWTvdoD2i4l326 O/CImDRTsEOW/cksXvc9DshZr28e2EEz15nyeLmIqFFiE/niMTfbPrmkPK0Z33YssOd+x3Wa0VP43 BZEABnbEGdyNr2gtKLCNPGM+s9DbiquiUAASXPEL79hkZ+eCJsqsGTTetFKUfK1kOZg60xOshlRvW po0inzbgAzjp4YNSKM2uE4oPXy1XqClnbu53TKku0+foeNizWK29O55iuSNooxazuEtyhbe/2TY5R tvcFQR+khryPfc+PTATChQViefLTNGvmQtILAAc92ACPXzcGqlcsYzpzfBWtWZj3PVoYUepR0/quX RtoO8SfmY35rEmind9xA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3rj-00070p-7m; Thu, 19 Dec 2019 22:01:51 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000tc-Hd for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:57 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 92A4E4B4F; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id c465e2b5; Thu, 19 Dec 2019 22:58:36 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:27 +0100 Message-Id: <20191219215836.21773-12-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_909021_E889E137 X-CRM114-Status: GOOD ( 12.91 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 11/20] blob: fix OOB access in blob_check_type X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Found by fuzzer: ERROR: AddressSanitizer: SEGV on unknown address 0x602100000455 The signal is caused by a READ memory access. #0 in blob_check_type blob.c:214:43 #1 in blob_parse_attr blob.c:234:9 #2 in blob_parse_untrusted blob.c:272:12 #3 in fuzz_blob_parse tests/fuzzer/test-blob-parse-fuzzer.c:34:2 #4 in LLVMFuzzerTestOneInput tests/fuzzer/test-blob-parse-fuzzer.c:39:2 Caused by following line: if (type == BLOB_ATTR_STRING && data[len - 1] != 0) where len was pointing outside of the data buffer. Signed-off-by: Petr Štetiar --- blob.c | 23 ++++++++++++++---- tests/cram/test_blob_parse.t | 2 ++ ...h-333757b203a44751d3535f24b05f467183a96d09 | Bin 0 -> 10 bytes 3 files changed, 20 insertions(+), 5 deletions(-) create mode 100644 tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09 GIT binary patch literal 10 RcmZQzVBlh6U|=$10002a07U=* literal 0 HcmV?d00001 diff --git a/blob.c b/blob.c index dc908d9ea745..528e717615d6 100644 --- a/blob.c +++ b/blob.c @@ -218,20 +218,33 @@ blob_check_type(const void *ptr, unsigned int len, int type) } static int -blob_parse_attr(struct blob_attr *attr, struct blob_attr **data, const struct blob_attr_info *info, int max) +blob_parse_attr(struct blob_attr *attr, size_t attr_len, struct blob_attr **data, const struct blob_attr_info *info, int max) { + int id; + size_t len; int found = 0; - int id = blob_id(attr); - size_t len = blob_len(attr); + size_t data_len; + if (!attr || attr_len < sizeof(struct blob_attr)) + return 0; + + id = blob_id(attr); if (id >= max) return 0; + len = blob_raw_len(attr); + if (len > attr_len || len < sizeof(struct blob_attr)) + return 0; + + data_len = blob_len(attr); + if (data_len > len) + return 0; + if (info) { int type = info[id].type; if (type < BLOB_ATTR_LAST) { - if (!blob_check_type(blob_data(attr), len, type)) + if (!blob_check_type(blob_data(attr), data_len, type)) return 0; } @@ -285,7 +298,7 @@ blob_parse(struct blob_attr *attr, struct blob_attr **data, const struct blob_at memset(data, 0, sizeof(struct blob_attr *) * max); blob_for_each_attr(pos, attr, rem) { - found += blob_parse_attr(pos, data, info, max); + found += blob_parse_attr(pos, rem, data, info, max); } return found; diff --git a/tests/cram/test_blob_parse.t b/tests/cram/test_blob_parse.t index 77d8bdd858b6..1fd60bc71122 100644 --- a/tests/cram/test_blob_parse.t +++ b/tests/cram/test_blob_parse.t @@ -56,6 +56,8 @@ check that blob_parse is producing expected results: cannot parse cert c42ac1c46f1d4e211c735cc7dfad4ff8391110e9 cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f cannot parse cert crash-1b8fb1be45db3aff7699100f497fb74138f3df4f + cannot parse cert crash-333757b203a44751d3535f24b05f467183a96d09 + cannot parse cert crash-333757b203a44751d3535f24b05f467183a96d09 cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 cannot parse cert crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 cannot parse cert crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b diff --git a/tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09 b/tests/fuzz/corpus/crash-333757b203a44751d3535f24b05f467183a96d09 new file mode 100644 index 0000000000000000000000000000000000000000..b9a958e08d457aaeb05102bb0d654428ffca161e From patchwork Thu Dec 19 21:58:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213730 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="uEx3CELm"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Rs40qxz9sPL for ; Fri, 20 Dec 2019 09:01:13 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=lxzs19c+z3eagzidcGciNKyWxNo2Bjyu8kAa/MHhMZ0=; b=uEx3CELmSeknmc gOoktEw7QBlJwe6j1CBpk5xKTFZn0YZO39l3UZwugoAsdkOSMlV3nKsuKaSk4VTXdg4v9fzkcUt5h jF+8pg5w2ZJrGGmsGI2gy3vI4r7NZXfeEybVgMXzfjVRrKp1y8G3paYloC8x5msX9kTqkH8OvOfvZ s3Whb7+2qaKQiFGRLpfAmyXGV0a35/wM8ssHZHV+6/DquzIGRG93J0Q+wdQDrOT7tc9VkNpSThGng mF88bdI0Z34BJrhY5lbN5ekDsRcHHTtvfL0wIi4uoJlr8FZOkYpqpOlAYVJuNdX+Imv5pmM3KpabI PODm4O0payqzBUUUzwJg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3r0-0005NL-3z; Thu, 19 Dec 2019 22:01:06 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3oq-0000td-K5 for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:57 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id B8ED94B50; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id a37ec9fd; Thu, 19 Dec 2019 22:58:37 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:28 +0100 Message-Id: <20191219215836.21773-13-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135852_827778_4D96960D X-CRM114-Status: UNSURE ( 6.97 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 12/20] test: fuzz: add blobmsg_check_attr crashes X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org ==31775==ERROR: AddressSanitizer: SEGV on unknown address 0x604000a7c715 ==31775==The signal is caused by a READ memory access. #0 blobmsg_check_attr blobmsg.c:48:6 #1 blobmsg_parse_array blobmsg.c:118:8 #2 fuzz_blobmsg_parse test-blobmsg-parse-fuzzer.c:35:2 Signed-off-by: Petr Štetiar --- .../crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 | Bin 0 -> 17 bytes .../crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b | Bin 0 -> 86 bytes .../crash-75b146c4e6fac64d3e62236b27c64b50657bab2a | Bin 0 -> 4 bytes .../crash-813f3e68661da09c26d4a87dbb9d5099e92be50f | Bin 0 -> 36 bytes .../crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 | Bin 0 -> 66 bytes 5 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 create mode 100644 tests/fuzz/corpus/crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b create mode 100644 tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a create mode 100644 tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f create mode 100644 tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 GIT binary patch literal 66 QcmZQ(U|{}F0bphZ0GOFO(EtDd literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 b/tests/fuzz/corpus/crash-4c4d2c3c9ade5da9347534e290305c3b9760f627 new file mode 100644 index 0000000000000000000000000000000000000000..2ca392f0c6109a4b0d6cf44ed18d69133addd8ca GIT binary patch literal 17 NcmZQ(U|@cV3;+h literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a b/tests/fuzz/corpus/crash-75b146c4e6fac64d3e62236b27c64b50657bab2a new file mode 100644 index 0000000000000000000000000000000000000000..39ae859cc00ce0c4b80c5a1d0bf031b6a6310ce0 GIT binary patch literal 4 LcmZQ(U|<3O01^NO literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f b/tests/fuzz/corpus/crash-813f3e68661da09c26d4a87dbb9d5099e92be50f new file mode 100644 index 0000000000000000000000000000000000000000..62338ff4f0801529d0f6598c02bfbb9c57b5533c GIT binary patch literal 36 QcmZQ(U|{}_7cese01OQs?*IS* literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 b/tests/fuzz/corpus/crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2 new file mode 100644 index 0000000000000000000000000000000000000000..92a30d23706ee628d4a076fcbe0b7613650c2039 From patchwork Thu Dec 19 21:58:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213734 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="jOn2FGC6"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Sz1HzLz9sPT for ; Fri, 20 Dec 2019 09:02:11 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=sUl5EZyT7nt7QemOu6XuhyFKkSe5G1PMeyUEbwRJbTI=; b=jOn2FGC6HNKN+8 upZwMKePxcN0aBNKN4AMeFe3aNxfAfx5QHZcuCjiXj6jIN2dba8gUo6ycP8++BerYo5/SrKczINAm yjFTkAaDwm9TdmeFcijYNMBj8fVUcBHRRFjSF8wzdsF0dNjm37EmkxQfFMw5B4TJTHc/kO1Xz4m8M 2mmQwl6l6tXNfbJpcwhBD+dd+gqtlo8zzd1IWWt1lbBbBHY7+a7DYyEGaQ2bZQKSOdS2SWnSKCt+6 bWYZj983hDzKzz3Q18rPAC2YgqDYppx1chJtoF/JDrxNK4UnBLwqHMebXXEgnZlctk0Cf0af2MaLJ rTQrRbvLQOcKaRlgP6oQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3rw-0007VM-RC; Thu, 19 Dec 2019 22:02:04 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3or-0000v9-OM for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:00 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id DBDAC4B51; Thu, 19 Dec 2019 22:58:47 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id cb132b7b; Thu, 19 Dec 2019 22:58:37 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:29 +0100 Message-Id: <20191219215836.21773-14-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135853_976061_E81DF217 X-CRM114-Status: GOOD ( 11.16 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 13/20] tests: add test cases for blobmsg parsing X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Increasing test coverage. Signed-off-by: Petr Štetiar --- tests/cram/test_blobmsg_parse.t | 65 +++++++++++++++++++++++++++++ tests/test-blobmsg-parse.c | 74 +++++++++++++++++++++++++++++++++ 2 files changed, 139 insertions(+) create mode 100644 tests/cram/test_blobmsg_parse.t create mode 100644 tests/test-blobmsg-parse.c diff --git a/tests/cram/test_blobmsg_parse.t b/tests/cram/test_blobmsg_parse.t new file mode 100644 index 000000000000..37e09ce33f1a --- /dev/null +++ b/tests/cram/test_blobmsg_parse.t @@ -0,0 +1,65 @@ +check that blobmsg_parse is producing expected results: + + $ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH" + $ export FUZZ_CORPUS="$TESTDIR/../fuzz/corpus" + + $ for blob in $(LC_ALL=C find $FUZZ_CORPUS -type f | sort ); do + > valgrind --quiet --leak-check=full test-blobmsg-parse $blob; \ + > test-blobmsg-parse-san $blob; \ + > done + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse_array: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse: ... (0) + 71520a5c4b5ca73903216857abbad54a8002d44a: blobmsg_parse_array: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse_array: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse: ... (0) + c1dfd96eea8cc2b62785275bca38ac261256e278: blobmsg_parse_array: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse_array: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse: ... (0) + c42ac1c46f1d4e211c735cc7dfad4ff8391110e9: blobmsg_parse_array: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse_array: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse: ... (0) + crash-1b8fb1be45db3aff7699100f497fb74138f3df4f: blobmsg_parse_array: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse_array: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse: ... (0) + crash-333757b203a44751d3535f24b05f467183a96d09: blobmsg_parse_array: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse_array: ... (-1) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse: ... (0) + crash-4c4d2c3c9ade5da9347534e290305c3b9760f627: blobmsg_parse_array: ... (-1) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse: ... (0) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse_array: ... (-1) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse: ... (0) + crash-5e9937b197c88bf4e7b7ee2612456cad4cb83f5b: blobmsg_parse_array: ... (-1) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse: ... (0) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse_array: ... (-1) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse: ... (0) + crash-75b146c4e6fac64d3e62236b27c64b50657bab2a: blobmsg_parse_array: ... (-1) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse: ... (0) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse_array: ... (-1) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse: ... (0) + crash-813f3e68661da09c26d4a87dbb9d5099e92be50f: blobmsg_parse_array: ... (-1) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse_array: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse: ... (0) + crash-98595faa58ba01d85ba4fd0b109cd3d490b45795: blobmsg_parse_array: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse_array: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse: ... (0) + crash-d0f3aa7d60a094b021f635d4edb7807c055a4ea1: blobmsg_parse_array: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse_array: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse: ... (0) + crash-df9d1243057b27bbad6211e5a23d1cb699028aa2: blobmsg_parse_array: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse_array: ... (-1) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse: ... (0) + crash-e2fd5ecb3b37926743256f1083f47a07c39e10c2: blobmsg_parse_array: ... (-1) + valid-blobmsg.bin: blobmsg_parse: MLT (0) + valid-blobmsg.bin: blobmsg_parse_array: MLT (0) + valid-blobmsg.bin: blobmsg_parse: MLT (0) + valid-blobmsg.bin: blobmsg_parse_array: MLT (0) diff --git a/tests/test-blobmsg-parse.c b/tests/test-blobmsg-parse.c new file mode 100644 index 000000000000..ca710fd58663 --- /dev/null +++ b/tests/test-blobmsg-parse.c @@ -0,0 +1,74 @@ +#include +#include +#include +#include + +#include "blobmsg.h" + +enum { + FOO_MESSAGE, + FOO_LIST, + FOO_TESTDATA, + __FOO_MAX +}; + +static const struct blobmsg_policy foo_policy[] = { + [FOO_MESSAGE] = { + .name = "message", + .type = BLOBMSG_TYPE_STRING, + }, + [FOO_LIST] = { + .name = "list", + .type = BLOBMSG_TYPE_ARRAY, + }, + [FOO_TESTDATA] = { + .name = "testdata", + .type = BLOBMSG_TYPE_TABLE, + }, +}; + +static void dump_result(const char *fn, int r, const char *filename, struct blob_attr **tb) +{ + fprintf(stdout, "%s: %s: %c%c%c (%d)\n", basename((char *) filename), fn, + tb[FOO_MESSAGE] ? 'M' : '.', + tb[FOO_LIST] ? 'L' : '.', + tb[FOO_TESTDATA] ? 'T' : '.', + r); +} + +static void test_blobmsg(const char *filename) +{ +#define BUF_LEN 256 + int r = 0; + FILE *fd = NULL; + size_t len = 0; + char buf[BUF_LEN+1] = { 0 }; + struct blob_attr *tb[__FOO_MAX]; + + fd = fopen(filename, "r"); + if (!fd) { + fprintf(stderr, "unable to open %s", filename); + return; + } + + len = fread(&buf, 1, BUF_LEN, fd); + fclose(fd); + + r = blobmsg_parse(foo_policy, ARRAY_SIZE(foo_policy), tb, buf, len); + dump_result("blobmsg_parse", r, filename, tb); + + r = blobmsg_parse_array(foo_policy, ARRAY_SIZE(foo_policy), tb, buf, len); + dump_result("blobmsg_parse_array", r, filename, tb); +} + +int main(int argc, char *argv[]) +{ + if (argc != 2) { + fprintf(stderr, "Usage: %s \n", argv[0]); + return 3; + } + + test_blobmsg(argv[1]); + + return 0; +} From patchwork Thu Dec 19 21:58:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213735 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="hhjc/h/U"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5T83RjLz9sPL for ; Fri, 20 Dec 2019 09:02:20 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=NOiUJTbnt2qtdjejQgLB1D42mvlA6hIFdO58tRHca5c=; b=hhjc/h/Uz4FU7+ YEJB6u2ex873M02q2m8ozss3HF64oatgheNZpBgxhEG3TKtqr5EY9cnN6QfW6NYUYvz39m8w+MX1t IM48XgbkIJs9VSWENGU9JluvwfajaGJ3uom5ubU1GnhhQsfJdQmLeUz2j2cnN801Ooj+psyrLNTP4 vOpHzrKRtpZKUXh7+CRfS0TbFbkIKoGDZipw+JtMjvxACyAIUSPBuzfEvQfTuVg+LLNe5kugYg/1R RrDUr+yy4Iz1pvOT6sPBzMk9Uf+Iq/Q6O0i9O8xxKfiBEssOOrVIIqXmN+H6M8HfTo4glFIfH6jpG /KC6geNdZQZ/1KrxTCBw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3sA-00085y-Pl; Thu, 19 Dec 2019 22:02:18 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3or-0000vA-Ou for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:58:59 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 0DF444B53; Thu, 19 Dec 2019 22:58:48 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id c5682223; Thu, 19 Dec 2019 22:58:38 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:30 +0100 Message-Id: <20191219215836.21773-15-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135854_013765_0FC2CC3A X-CRM114-Status: UNSURE ( 8.78 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 14/20] blobmsg: make blobmsg_len and blobmsg_data_len return unsigned value X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org One usually doesn't guard against negative length values in the code. Signed-off-by: Petr Štetiar --- blobmsg.c | 3 ++- blobmsg.h | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/blobmsg.c b/blobmsg.c index 97e0c20575ff..1a8b783e9ba9 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -35,7 +35,8 @@ bool blobmsg_check_attr(const struct blob_attr *attr, bool name) { const struct blobmsg_hdr *hdr; const char *data; - int id, len; + size_t len; + int id; if (blob_len(attr) < sizeof(struct blobmsg_hdr)) return false; diff --git a/blobmsg.h b/blobmsg.h index b06ef597d8c6..0af087890000 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -86,7 +86,7 @@ static inline void *blobmsg_data(const struct blob_attr *attr) return data; } -static inline int blobmsg_data_len(const struct blob_attr *attr) +static inline size_t blobmsg_data_len(const struct blob_attr *attr) { uint8_t *start, *end; @@ -99,7 +99,7 @@ static inline int blobmsg_data_len(const struct blob_attr *attr) return blob_len(attr) - (end - start); } -static inline int blobmsg_len(const struct blob_attr *attr) +static inline size_t blobmsg_len(const struct blob_attr *attr) { return blobmsg_data_len(attr); } From patchwork Thu Dec 19 21:58:31 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213737 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="h3h5v018"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Td30hFz9sPL for ; Fri, 20 Dec 2019 09:02:45 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=xHZFJvRwSKtzJHSRzDG1jCN1cKJvgTBRRb5lo3hE9vE=; b=h3h5v0189kwuZb g0OyEGfSX/+OeqfXbhIMXZt311DRamE2ONxRY9QLcB8AX369vaRwROJQLKh/g4KXz9eMU/GrTrZYl 3mMXw+gq+nO4mPdVWs2cYXbpGP7LdjJPuAYAB/fVZoPKSG7KwgaAzqhioclcw/8P7YgA2ZYESBTlj 9Gi6cdk1eqVZebKLbkq+9d4YyzCvLMq1FiCgb+kmtWBLfPZi2jQxZiIKuLyPp9wnEOR+uItfOe+/J 2cgcJq6cY4LMR4cVnw50tnnxUux1tnFnGrrFt28iKzWPT+0f3wP5SOLWiXWFHZ+3GZS2zxJrRObsx NvIvUH0WM/jTaekeTxCQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3sZ-0000T2-LB; Thu, 19 Dec 2019 22:02:43 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ot-0000x4-DW for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:00 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 32F634B54; Thu, 19 Dec 2019 22:58:48 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 070eb51a; Thu, 19 Dec 2019 22:58:38 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:31 +0100 Message-Id: <20191219215836.21773-16-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135855_634518_DAEC4CE9 X-CRM114-Status: UNSURE ( 7.40 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 15/20] blobmsg: fix heap buffer overflow in blobmsg_parse X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Fixes following error found by the fuzzer: ==29774==ERROR: AddressSanitizer: heap-buffer-overflow READ of size 1 at 0x6020004f1c56 thread T0 #0 strcmp sanitizer_common_interceptors.inc:442:3 #1 blobmsg_parse blobmsg.c:168:8 Signed-off-by: Petr Štetiar --- blobmsg.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/blobmsg.c b/blobmsg.c index 1a8b783e9ba9..71d4a36a647c 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -53,6 +53,9 @@ bool blobmsg_check_attr(const struct blob_attr *attr, bool name) id = blob_id(attr); len = blobmsg_data_len(attr); + if (len > blob_raw_len(attr)) + return false; + data = blobmsg_data(attr); if (id > BLOBMSG_TYPE_LAST) From patchwork Thu Dec 19 21:58:32 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213741 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="jVJbqkrE"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Vh4dtVz9sPL for ; Fri, 20 Dec 2019 09:03:40 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=cp99vYPKgfX5B1wbOkiGxijzkOGE8tqc+OGkIgB2ARY=; b=jVJbqkrEQlLIr7 AXZIz4a80WsExJTNW/dIqXCbWhP/rqH7RIaJep5o+De5Cfocoqs104Kd7La8T5K+QUN22Zgn99CzB Qg6+Eh78ytQa9bP606vt48teeM8WzyqTH5b7oSbp0R0lGQLFSWpQdrpfPN227Kf1b8H9CUb92BNiz b3/dm83pJWwzrfZecXyql/3I2/Ly1AIkGZXUuLhP5CeYIGYMwXN/qg905Msa/sY3+1OK4y+ZQqGQB VEX4lmfpizYITVuliOs8maWF1aBNYee7lYwC3l5yFUpmqeMRWpI+7z5maxM7X/zMly5oI5tlojyC6 NWEKYQGeHsqP5NqK/vbw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3tS-00020u-S3; Thu, 19 Dec 2019 22:03:38 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ot-0000x5-C8 for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:00 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 3F3ED4B55; Thu, 19 Dec 2019 22:58:48 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 02d3be27; Thu, 19 Dec 2019 22:58:38 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:32 +0100 Message-Id: <20191219215836.21773-17-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135855_593690_08381656 X-CRM114-Status: UNSURE ( 7.11 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 16/20] Ensure blob_attr length check does not perform out of bounds reads X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= , Tobias Schramm Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Tobias Schramm Before there might have been as little as one single byte left which would result in 3 bytes of blob_attr->id_len being out of bounds. Acked-by: Yousong Zhou Signed-off-by: Tobias Schramm [line wrapped < 72 chars] Signed-off-by: Petr Štetiar --- blob.h | 4 ++-- blobmsg.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/blob.h b/blob.h index af033607e309..6d618767b91a 100644 --- a/blob.h +++ b/blob.h @@ -243,7 +243,7 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val) #define __blob_for_each_attr(pos, attr, rem) \ for (pos = (struct blob_attr *) attr; \ - rem > 0 && (blob_pad_len(pos) <= rem) && \ + rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) @@ -251,7 +251,7 @@ blob_put_u64(struct blob_buf *buf, int id, uint64_t val) #define blob_for_each_attr(pos, attr, rem) \ for (rem = attr ? blob_len(attr) : 0, \ pos = (struct blob_attr *) (attr ? blob_data(attr) : NULL); \ - rem > 0 && (blob_pad_len(pos) <= rem) && \ + rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) diff --git a/blobmsg.h b/blobmsg.h index 0af087890000..00e0fdc1d5c6 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -266,7 +266,7 @@ int blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, . #define blobmsg_for_each_attr(pos, attr, rem) \ for (rem = attr ? blobmsg_data_len(attr) : 0, \ pos = (struct blob_attr *) (attr ? blobmsg_data(attr) : NULL); \ - rem > 0 && (blob_pad_len(pos) <= rem) && \ + rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) From patchwork Thu Dec 19 21:58:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213738 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="LGd28blR"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5Tz15Yfz9sPL for ; Fri, 20 Dec 2019 09:03:03 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=zomRN85PaNdIXmPa+4El1p0tgDtgmz7gWQjkeLh6zec=; b=LGd28blRKRNdp/ 8ZGu24bzRIBUMIXuLhQHxKm3VCNFzj8F6LYNOSHtf+cYzhfOaqqLFUkZU0efPXj2RulBz8v39i/m+ Kh9DMpRxQuRXadU6kBu7ekPuih+5Vj6fZNqCzpDDuK9gThqe/pvvl5B79Ho5e+03p2noMTgc7vuPq 7Uac3npjnewZSvk8x1uABE4x5Au71UaOfOmdOZSlw8k6izO/U92ro7jVhlKaSYKhIVwJaP9QuQ8xJ DyoQXI40rhvB3xXCUZ7eYW5tNZuUIrgXzzGqnpnMUiLjX9gvsLmD1rMu4+yNMz5EWu82iKGfF0NQT 8fxy+LRsx+9/Pta8+HEQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3sn-0000o7-PU; Thu, 19 Dec 2019 22:02:57 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ot-0000xa-WD for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:01 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 9E3474B57; Thu, 19 Dec 2019 22:58:52 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id f9054405; Thu, 19 Dec 2019 22:58:39 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:33 +0100 Message-Id: <20191219215836.21773-18-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135856_364508_92EF6FF3 X-CRM114-Status: UNSURE ( 8.95 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 17/20] Replace use of blobmsg_check_attr by blobmsg_check_attr_len X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= , Tobias Schramm Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Tobias Schramm blobmsg_check_attr_len adds a length limit specifying the max offset from attr that can be read safely. Signed-off-by: Tobias Schramm [rebased and reworked, line wrapped commit message, _safe -> _len] Signed-off-by: Petr Štetiar --- blobmsg.c | 60 ++++++++++++++++++++++++++++++++++++++++++------------- blobmsg.h | 2 ++ 2 files changed, 48 insertions(+), 14 deletions(-) diff --git a/blobmsg.c b/blobmsg.c index 71d4a36a647c..fbc6d2de9135 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -33,38 +33,70 @@ blobmsg_namelen(const struct blobmsg_hdr *hdr) bool blobmsg_check_attr(const struct blob_attr *attr, bool name) { + return blobmsg_check_attr_len(attr, name, blob_raw_len(attr)); +} + +static bool blobmsg_check_name(const struct blob_attr *attr, size_t len, bool name) +{ + char *limit = (char *) attr + len; const struct blobmsg_hdr *hdr; - const char *data; - size_t len; - int id; - if (blob_len(attr) < sizeof(struct blobmsg_hdr)) + hdr = blob_data(attr); + if (name && !hdr->namelen) return false; - hdr = (void *) attr->data; - if (!hdr->namelen && name) + if ((char *) hdr->name + blobmsg_namelen(hdr) > limit) return false; - if (blobmsg_namelen(hdr) > blob_len(attr) - sizeof(struct blobmsg_hdr)) + if (blobmsg_namelen(hdr) > (blob_len(attr) - sizeof(struct blobmsg_hdr))) return false; if (hdr->name[blobmsg_namelen(hdr)] != 0) return false; - id = blob_id(attr); - len = blobmsg_data_len(attr); - if (len > blob_raw_len(attr)) - return false; + return true; +} + +static const char* blobmsg_check_data(const struct blob_attr *attr, size_t len, size_t *data_len) +{ + char *limit = (char *) attr + len; + const char *data; + + *data_len = blobmsg_data_len(attr); + if (*data_len > blob_raw_len(attr)) + return NULL; data = blobmsg_data(attr); + if (data + *data_len > limit) + return NULL; + + return data; +} + +bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t len) +{ + const char *data; + size_t data_len; + int id; + if (len < sizeof(struct blob_attr)) + return false; + + if (!blobmsg_check_name(attr, len, name)) + return false; + + id = blob_id(attr); if (id > BLOBMSG_TYPE_LAST) return false; if (!blob_type[id]) return true; - return blob_check_type(data, len, blob_type[id]); + data = blobmsg_check_data(attr, len, &data_len); + if (!data) + return false; + + return blob_check_type(data, data_len, blob_type[id]); } int blobmsg_check_array(const struct blob_attr *attr, int type) @@ -115,7 +147,7 @@ int blobmsg_parse_array(const struct blobmsg_policy *policy, int policy_len, blob_id(attr) != policy[i].type) continue; - if (!blobmsg_check_attr(attr, false)) + if (!blobmsg_check_attr_len(attr, false, len)) return -1; if (tb[i]) @@ -162,7 +194,7 @@ int blobmsg_parse(const struct blobmsg_policy *policy, int policy_len, if (blobmsg_namelen(hdr) != pslen[i]) continue; - if (!blobmsg_check_attr(attr, true)) + if (!blobmsg_check_attr_len(attr, true, len)) return -1; if (tb[i]) diff --git a/blobmsg.h b/blobmsg.h index 00e0fdc1d5c6..c44015942a37 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -107,6 +107,8 @@ static inline size_t blobmsg_len(const struct blob_attr *attr) bool blobmsg_check_attr(const struct blob_attr *attr, bool name); bool blobmsg_check_attr_list(const struct blob_attr *attr, int type); +bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t len); + /* * blobmsg_check_array: validate array/table and return size * From patchwork Thu Dec 19 21:58:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213739 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="eh/z0H/0"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5V65DJkz9sPL for ; Fri, 20 Dec 2019 09:03:10 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=MWvf7fUTc+EQymGwhZMpYTjFmZVhkh7Tc5eR1gGuDVg=; b=eh/z0H/0GjI4TM 1HDMlKaAExBUDdSfoG6YPWgRFOIcU8th51sJMcu4ZkAFdAnCeeIqxTfgaVii93O99G5hYZ2+7UQdi d2Yjw0a6MU1EMIDh4zYbbm4pAc7hgoof882WV9FVKObC9CDMWDzZLfT9JPT0aMTCkDuGe6GxcfbUU 0nyoGs+41YoCQnyv7cknqL+2UyX1Vb15j3wE/ReWQV1NLbH3mhEOLmR6MAqG92RB3y862YhSiIUjX RZaGREnlrypuuuHg4o2J3eYY8lFIjk+Ol7ppFFwE3JlxC/MInenkRI563fimS6dalhSAl5eUilyzt 6svrU0aZW1oH0Giyja/A==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3sy-00019e-2y; Thu, 19 Dec 2019 22:03:08 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ou-0000xb-2B for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:00 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id EFEF64B58; Thu, 19 Dec 2019 22:58:52 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 54394f59; Thu, 19 Dec 2019 22:58:39 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:34 +0100 Message-Id: <20191219215836.21773-19-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135856_307415_13C7B537 X-CRM114-Status: GOOD ( 10.92 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 18/20] blobmsg: add _len variants for all attribute checking methods X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= , Tobias Schramm Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Tobias Schramm Introduce _len variants of blobmsg attribute checking functions which aims to provide safer implementation as those functions should limit all memory accesses performed on the blob to the range [attr, attr + len] (upper bound non inclusive) and thus should be suited for checking of untrusted blob attributes. While at it add some comments in order to make it clear. Signed-off-by: Tobias Schramm [_safe -> _len, blobmsg_check_array_len fix, commit subject/desc facelift] Signed-off-by: Petr Štetiar --- blobmsg.c | 21 ++++++++++++++++++--- blobmsg.h | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 72 insertions(+), 4 deletions(-) diff --git a/blobmsg.c b/blobmsg.c index fbc6d2de9135..7cd0934600de 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -100,12 +100,22 @@ bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t len) } int blobmsg_check_array(const struct blob_attr *attr, int type) +{ + return blobmsg_check_array_len(attr, type, blob_raw_len(attr)); +} + +int blobmsg_check_array_len(const struct blob_attr *attr, int type, size_t len) { struct blob_attr *cur; bool name; - size_t rem; int size = 0; + if (type > BLOBMSG_TYPE_LAST) + return -1; + + if (!blobmsg_check_attr_len(attr, false, len)) + return -1; + switch (blobmsg_type(attr)) { case BLOBMSG_TYPE_TABLE: name = true; @@ -117,11 +127,11 @@ int blobmsg_check_array(const struct blob_attr *attr, int type) return -1; } - blobmsg_for_each_attr(cur, attr, rem) { + __blobmsg_for_each_attr(cur, attr, len) { if (type != BLOBMSG_TYPE_UNSPEC && blobmsg_type(cur) != type) return -1; - if (!blobmsg_check_attr(cur, name)) + if (!blobmsg_check_attr_len(cur, name, len)) return -1; size++; @@ -135,6 +145,11 @@ bool blobmsg_check_attr_list(const struct blob_attr *attr, int type) return blobmsg_check_array(attr, type) >= 0; } +bool blobmsg_check_attr_list_len(const struct blob_attr *attr, int type, size_t len) +{ + return blobmsg_check_array_len(attr, type, len) >= 0; +} + int blobmsg_parse_array(const struct blobmsg_policy *policy, int policy_len, struct blob_attr **tb, void *data, unsigned int len) { diff --git a/blobmsg.h b/blobmsg.h index c44015942a37..af88c1feb86f 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -104,19 +104,66 @@ static inline size_t blobmsg_len(const struct blob_attr *attr) return blobmsg_data_len(attr); } +/* + * blobmsg_check_attr: validate a list of attributes + * + * This method may be used with trusted data only. Providing + * malformed blobs will cause out of bounds memory access. + */ bool blobmsg_check_attr(const struct blob_attr *attr, bool name); -bool blobmsg_check_attr_list(const struct blob_attr *attr, int type); +/* + * blobmsg_check_attr_len: validate a list of attributes + * + * This method should be safer implementation of blobmsg_check_attr. + * It will limit all memory access performed on the blob to the + * range [attr, attr + len] (upper bound non inclusive) and is + * thus suited for checking of untrusted blob attributes. + */ bool blobmsg_check_attr_len(const struct blob_attr *attr, bool name, size_t len); +/* + * blobmsg_check_attr_list: validate a list of attributes + * + * This method may be used with trusted data only. Providing + * malformed blobs will cause out of bounds memory access. + */ +bool blobmsg_check_attr_list(const struct blob_attr *attr, int type); + +/* + * blobmsg_check_attr_list_len: validate a list of untrusted attributes + * + * This method should be safer implementation of blobmsg_check_attr_list. + * It will limit all memory access performed on the blob to the + * range [attr, attr + len] (upper bound non inclusive) and is + * thus suited for checking of untrusted blob attributes. + */ +bool blobmsg_check_attr_list_len(const struct blob_attr *attr, int type, size_t len); + /* * blobmsg_check_array: validate array/table and return size * * Checks if all elements of an array or table are valid and have * the specified type. Returns the number of elements in the array + * + * This method may be used with trusted data only. Providing + * malformed blobs will cause out of bounds memory access. */ int blobmsg_check_array(const struct blob_attr *attr, int type); +/* + * blobmsg_check_array_len: validate untrusted array/table and return size + * + * Checks if all elements of an array or table are valid and have + * the specified type. Returns the number of elements in the array. + * + * This method should be safer implementation of blobmsg_check_array. + * It will limit all memory access performed on the blob to the + * range [attr, attr + len] (upper bound non inclusive) and is + * thus suited for checking of untrusted blob attributes. + */ +int blobmsg_check_array_len(const struct blob_attr *attr, int type, size_t len); + int blobmsg_parse(const struct blobmsg_policy *policy, int policy_len, struct blob_attr **tb, void *data, unsigned int len); int blobmsg_parse_array(const struct blobmsg_policy *policy, int policy_len, @@ -272,4 +319,10 @@ int blobmsg_printf(struct blob_buf *buf, const char *name, const char *format, . (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ rem -= blob_pad_len(pos), pos = blob_next(pos)) +#define __blobmsg_for_each_attr(pos, attr, rem) \ + for (pos = (struct blob_attr *) (attr ? blobmsg_data(attr) : NULL); \ + rem >= sizeof(struct blob_attr) && (blob_pad_len(pos) <= rem) && \ + (blob_pad_len(pos) >= sizeof(struct blob_attr)); \ + rem -= blob_pad_len(pos), pos = blob_next(pos)) + #endif From patchwork Thu Dec 19 21:58:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213740 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="goQmHb58"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5VT3m4Sz9sPT for ; Fri, 20 Dec 2019 09:03:29 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+llgwOtC05TTNe3pzfI+bfOgkxlRYPhCWX2xbdcwjI0=; b=goQmHb58LL+Kza I8OIB75D2aNX9Er9scfryakw0oSm64hxahoSxQWn8P5l7MhlyJY+CHyH6mB2Hmtr071LuvvhzPMBN ZbpEfoXV8ebOmssStY+AKcTSbJCYSDtV/gKf6C59O/5F6syMxuCloQ3lZQTLtPvKltlkkpakyvguP z69fMAV3iLic/CK5izpYc5y4k2duGJyzlTQeMOHi5JGSJiSW19fj0IJAy15LWC42oUo0wh/3kMaqD Vv9n2VAcGw5l9dexEOZbk00yZ50DxuMpWRrlYkR7YeRSpBjKWx/EBv4LhLXO804e69Z9VoNiOnJ7r dOGJhWdlvGSxoSapMZNg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3tD-0001a7-2s; Thu, 19 Dec 2019 22:03:23 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ou-0000xn-GV for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:02 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 34E214B59; Thu, 19 Dec 2019 22:58:53 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 913341ed; Thu, 19 Dec 2019 22:58:40 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:35 +0100 Message-Id: <20191219215836.21773-20-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135856_755036_BD0F5128 X-CRM114-Status: UNSURE ( 7.64 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 19/20] tests: fuzz: fuzz _len variants of checking methods X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org In order to increase test coverage. Signed-off-by: Petr Štetiar --- tests/fuzz/test-fuzz.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/fuzz/test-fuzz.c b/tests/fuzz/test-fuzz.c index 52f2bbce878f..4dc13a8d8a3b 100644 --- a/tests/fuzz/test-fuzz.c +++ b/tests/fuzz/test-fuzz.c @@ -1,10 +1,13 @@ #include #include #include +#include #include "blob.h" #include "blobmsg.h" +#define BLOBMSG_TYPE_TROUBLE INT_MAX + static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) { enum { @@ -14,6 +17,19 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) __FOO_MAX }; + static const int blobmsg_type[] = { + BLOBMSG_TYPE_UNSPEC, + BLOBMSG_TYPE_ARRAY, + BLOBMSG_TYPE_TABLE, + BLOBMSG_TYPE_STRING, + BLOBMSG_TYPE_INT64, + BLOBMSG_TYPE_INT32, + BLOBMSG_TYPE_INT16, + BLOBMSG_TYPE_INT8, + BLOBMSG_TYPE_DOUBLE, + BLOBMSG_TYPE_TROUBLE, + }; + static const struct blobmsg_policy foo_policy[] = { [FOO_MESSAGE] = { .name = "message", @@ -33,6 +49,14 @@ static void fuzz_blobmsg_parse(const uint8_t *data, size_t size) blobmsg_parse(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); blobmsg_parse_array(foo_policy, __FOO_MAX, tb, (uint8_t *)data, size); + + blobmsg_check_attr_len((struct blob_attr *)data, false, size); + blobmsg_check_attr_len((struct blob_attr *)data, true, size); + + for (size_t i=0; i < ARRAY_SIZE(blobmsg_type); i++) { + blobmsg_check_array_len((struct blob_attr *)data, blobmsg_type[i], size); + blobmsg_check_attr_list_len((struct blob_attr *)data, blobmsg_type[i], size); + } } static void fuzz_blob_parse(const uint8_t *data, size_t size) From patchwork Thu Dec 19 21:58:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1213736 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="s+7tCinV"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47f5TW3B5jz9sPL for ; Fri, 20 Dec 2019 09:02:39 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=rzl5WYVSyfUlLjZQCQzpAOmYWLGdsE9qAxqTo1CLGqA=; b=s+7tCinVkePkYs Nmld4BhK3xbQLbgXFX7nVXd92MRLT/HV45oCSobLsSG63SFNiPIkinCX1xljccbgXbN6IrgBVvRmL dIugoXr2bwfRKsoVo9VzRh3pdjQHbRikuLOqjWjrrpjphS+u2woE5cEABle1KCoav1E32utqbcsSW /iYDxoK4w8MFI68xx6QW9RRxHSzIavFojfeMoZNZ/AyI6GQqHjsmX4yV/b27jo6SkQ8DjTeA+JxF9 ewyDZOm4TZ0MmFgj4ZQvZEJiy72EJyDJUurFmzANWUfCGEIDhbXCC3qksPVhZlGyGLHOIXxhbJTSU 07I5oBm/lu6/rKOLGhJA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3sN-0008RZ-KV; Thu, 19 Dec 2019 22:02:31 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1ii3ou-0000xo-Dt for openwrt-devel@lists.openwrt.org; Thu, 19 Dec 2019 21:59:02 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 65DD04B5A; Thu, 19 Dec 2019 22:58:53 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id c825c6e7; Thu, 19 Dec 2019 22:58:40 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 19 Dec 2019 22:58:36 +0100 Message-Id: <20191219215836.21773-21-ynezz@true.cz> In-Reply-To: <20191219215836.21773-1-ynezz@true.cz> References: <20191219215836.21773-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20191219_135856_646058_EE6B7FC0 X-CRM114-Status: UNSURE ( 8.03 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH libubox 20/20] blobmsg: reuse blobmsg_namelen in blobmsg_data X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Petr_=C5=A0tetiar?= Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Move blobmsg_namelen into header file so it's possible to reuse it in blobmsg_data. Signed-off-by: Petr Štetiar --- blobmsg.c | 6 ------ blobmsg.h | 7 ++++++- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/blobmsg.c b/blobmsg.c index 7cd0934600de..48dba8156d58 100644 --- a/blobmsg.c +++ b/blobmsg.c @@ -25,12 +25,6 @@ static const int blob_type[__BLOBMSG_TYPE_LAST] = { [BLOBMSG_TYPE_UNSPEC] = BLOB_ATTR_BINARY, }; -static uint16_t -blobmsg_namelen(const struct blobmsg_hdr *hdr) -{ - return be16_to_cpu(hdr->namelen); -} - bool blobmsg_check_attr(const struct blob_attr *attr, bool name) { return blobmsg_check_attr_len(attr, name, blob_raw_len(attr)); diff --git a/blobmsg.h b/blobmsg.h index af88c1feb86f..be3c7ee2cbfd 100644 --- a/blobmsg.h +++ b/blobmsg.h @@ -69,6 +69,11 @@ static inline int blobmsg_type(const struct blob_attr *attr) return blob_id(attr); } +static uint16_t blobmsg_namelen(const struct blobmsg_hdr *hdr) +{ + return be16_to_cpu(hdr->namelen); +} + static inline void *blobmsg_data(const struct blob_attr *attr) { struct blobmsg_hdr *hdr; @@ -81,7 +86,7 @@ static inline void *blobmsg_data(const struct blob_attr *attr) data = (char *) blob_data(attr); if (blob_is_extended(attr)) - data += blobmsg_hdrlen(be16_to_cpu(hdr->namelen)); + data += blobmsg_hdrlen(blobmsg_namelen(hdr)); return data; }