vieter-v
/
libvieter
2
0
Fork 2
Code Issues 2 Pull Requests 2 Releases Activity

fix: Using snprintf while ignoring its return value could lead to valid inputs getting truncated.

remotes/1752799129400365335/package
GreekStapler 2023-01-31 21:00:08 +00:00
parent 9211bc3351
commit c7c4043108
2 changed files with 33 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
include/vieter_package.h
View File

@ -1,16 +1,10 @@
#ifndef VIETER_PACKAGE #ifndef VIETER_PACKAGE
#define VIETER_PACKAGE #define VIETER_PACKAGE
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdlib.h>
#include <archive.h>
#include <archive_entry.h>
typedef struct vieter_package vieter_package; typedef struct vieter_package vieter_package;
/* /*
* Parse package file into something usable by libvieter. * Parse package file into something usable by libvieter.
* The pointer returned by this function will need to freed at a later point. * The pointer returned by this function will need to freed at a later point.

51
src/package/vieter_package.c
View File

@ -1,30 +1,29 @@
#include <stdlib.h>
#include <stdbool.h>
#include <archive.h>
#include <archive_entry.h>
#include "vieter_package_internal.h" #include "vieter_package_internal.h"
#include "sha256.h" #include "sha256.h"
#define SMALL_BUFF_SIZE 128
#define ADD_STRING(section, field) if (pkg_info->field != 0) { \ #define ADD_STRING(section, field) if (pkg_info->field != 0) { \
snprintf(aux, SMALL_BUFF_SIZE, section, pkg_info->field); \ size_to_be_written = snprintf(aux, small_buff_size, section, pkg_info->field); \
if (buff_size < strlen(description) + SMALL_BUFF_SIZE + 1) { \ if (size_to_be_written > small_buff_size) { \
aux = realloc(aux, size_to_be_written + 1); \
small_buff_size = size_to_be_written + 1; \
snprintf(aux, small_buff_size, section, pkg_info->field); \
} \
if (buff_size < strlen(description) + small_buff_size + 1) { \
description = realloc(description, buff_size * 2); \ description = realloc(description, buff_size * 2); \
buff_size *= 2; \ buff_size *= 2; \
} \ } \
strcat(description, aux); \ strcat(description, aux); \
} }
#define ADD_ARRAY(section, field) i = 0; if (pkg_info->field != NULL) { \ #define ADD_ARRAY(section, field) i = 0; if (pkg_info->field != NULL) { \
snprintf(aux, SMALL_BUFF_SIZE, section, pkg_info->field->array[i]); i++; \ ADD_STRING(section, field->array[i]); i++; \
if (buff_size < strlen(description) + SMALL_BUFF_SIZE + 1) { \
description = realloc(description, buff_size * 2); \
buff_size *= 2; \
} \
strcat(description, aux); \
while (pkg_info->field->array[i] != NULL) { \ while (pkg_info->field->array[i] != NULL) { \
snprintf(aux, SMALL_BUFF_SIZE, "\n%s", pkg_info->field->array[i]); i++; \ ADD_STRING("\n%s", field->array[i]); i++; \
if (buff_size < strlen(description) + SMALL_BUFF_SIZE + 1) { \
description = realloc(description, buff_size * 2); \
buff_size *= 2; \
} \
strcat(description, aux); \
} \ } \
} }
@ -170,19 +169,32 @@ void vieter_package_sha256sum(vieter_package *pkg, char *res) {
res[j] = '\0'; res[j] = '\0';
} }
char *vieter_package_to_description(vieter_package *pkg) { char *vieter_package_to_description(vieter_package *pkg) {
vieter_package_info *pkg_info = pkg->info; vieter_package_info *pkg_info = pkg->info;
size_t buff_size = 1024; size_t buff_size = 1024;
char aux[SMALL_BUFF_SIZE]; int small_buff_size = 128;
int size_to_be_written;
char *aux = malloc(sizeof(char) * small_buff_size);
char *description = malloc(sizeof(char) * buff_size); char *description = malloc(sizeof(char) * buff_size);
// Helper variable for ADD_ARRAY macro // Helper variable for ADD_ARRAY macro
int i; int i;
// special case for FILENAME // special case for FILENAME
// assuming .pkg.tar.zst; other formats are valid, this should account for that // assuming .pkg.tar.zst; other formats are valid, this should account for that
snprintf(aux, SMALL_BUFF_SIZE, "%%FILENAME%%\n%s-%s-%s.pkg.tar.zst", pkg_info->name, size_to_be_written = snprintf(aux, small_buff_size, "%%FILENAME%%\n%s-%s-%s.pkg.tar.zst", pkg_info->name,
pkg_info->version, pkg_info->arch); pkg_info->version, pkg_info->arch);
// We neither want to let an arbritrarily long input to overflow the buffer
// nor to truncate perfectly valid inputs
if (size_to_be_written > small_buff_size) {
aux = realloc(aux, size_to_be_written + 1);
small_buff_size = size_to_be_written + 1;
snprintf(aux, small_buff_size, "%%FILENAME%%\n%s-%s-%s.pkg.tar.zst", pkg_info->name,
pkg_info->version, pkg_info->arch);
}
strcpy(description, aux); strcpy(description, aux);
ADD_STRING("\n\n%%NAME%%\n%s", name); ADD_STRING("\n\n%%NAME%%\n%s", name);
@ -216,8 +228,7 @@ char *vieter_package_to_description(vieter_package *pkg) {
ADD_ARRAY("\n\n%%MAKEDEPENDS%%\n%s", makedepends); ADD_ARRAY("\n\n%%MAKEDEPENDS%%\n%s", makedepends);
ADD_ARRAY("\n\n%%CHECKDEPENDS%%\n%s", checkdepends); ADD_ARRAY("\n\n%%CHECKDEPENDS%%\n%s", checkdepends);
snprintf(aux, SMALL_BUFF_SIZE, "\n\n"); strcat(description, "\n\n");
strcat(description, aux);
return description; return description;
} }