NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/45749: disklabel(8) uses wrong boundaries for several values, destroys disklabels
The following reply was made to PR bin/45749; it has been noted by GNATS.
From: Julian Djamil Fagir <gnrp%komkon2.de@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc:
Subject: Re: bin/45749: disklabel(8) uses wrong boundaries for several
values, destroys disklabels
Date: Wed, 28 Dec 2011 18:11:43 +0100
--Sig_/P/X_PV2fUdUR7IiqBsKCNe8
Content-Type: multipart/mixed; boundary="MP_/t1SNLi=bRAWDFfVn/Pf24iE"
--MP_/t1SNLi=bRAWDFfVn/Pf24iE
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi,
the attached diffs should solve the issue of invalid string input.
Not very thoroughly tested, mainly only the tests below.
If you know more test scenarios, please tell me or test it yourself.
Regards, Julian
# ./disklabel -i wd1
Enter '?' for help
partition> I
# Current values:
# /dev/rwd1d:
type: ESDI
disk: VBOX HARDDISK =20
label: fictitious
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 16
sectors/cylinder: 1008
cylinders: 4161
total sectors: 4194304
rpm: 3600
interleave: 1
trackskew: 0
cylinderskew: 0
headswitch: 0 # microseconds
track-to-track seek: 0 # microseconds
drivedata: 0=20
Disk type [?] [ESDI]:=20
Disk name [VBOX HARDDISK ]:=20
Label name [fictitious]:=20
Number of partitions [4]: 65536
Invalid number of partitions `65536'
Number of partitions [4]: 65535nee
Invalid number of partitions `65535nee'
Number of partitions [4]: nee65535
Invalid number of partitions `nee65535'
Number of partitions [4]: 65535
Sector size (bytes) [512]:=20
...
--MP_/t1SNLi=bRAWDFfVn/Pf24iE
Content-Type: text/x-patch
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename=extern.h.diff
--- extern.h
+++ extern.h
@@ -28,9 +28,11 @@
int checklabel(struct disklabel *);
void showinfo(FILE *, struct disklabel *, const char *);
void showpartitions(FILE *, struct disklabel *, int);
void showpartition(FILE *, struct disklabel *, int, int);
void interact(struct disklabel *, int);
+int strtouint16(char *, uint16_t *);
+int strtouint32(char *, uint32_t *);
int list_fs_types(void);
=20
extern char specname[];
extern int Cflag;
--MP_/t1SNLi=bRAWDFfVn/Pf24iE
Content-Type: text/x-patch
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename=interact.c.diff
--- interact.c
+++ interact.c
@@ -150,11 +150,12 @@
cmd_info(struct disklabel *lp, char *s, int fd)
{
char line[BUFSIZ];
char def[BUFSIZ];
int v, i;
- u_int32_t u;
+ u_int32_t u32;
+ u_int16_t u16;
=20
printf("# Current values:\n");
showinfo(stdout, lp, specname);
=20
/* d_type */
@@ -207,15 +208,15 @@
i =3D getinput(":", "Number of partitions", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint16(line, &u16)) {
printf("Invalid number of partitions `%s'\n", line);
continue;
}
- lp->d_npartitions =3D u;
+ lp->d_npartitions =3D u16;
break;
}
=20
/* d_secsize */
for (;;) {
@@ -223,15 +224,15 @@
i =3D getinput(":", "Sector size (bytes)", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid sector size `%s'\n", line);
continue;
}
- lp->d_secsize =3D u;
+ lp->d_secsize =3D u32;
break;
}
=20
/* d_nsectors */
for (;;) {
@@ -239,15 +240,15 @@
i =3D getinput(":", "Number of sectors per track", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid number of sectors `%s'\n", line);
continue;
}
- lp->d_nsectors =3D u;
+ lp->d_nsectors =3D u32;
break;
}
=20
/* d_ntracks */
for (;;) {
@@ -255,15 +256,15 @@
i =3D getinput(":", "Number of tracks per cylinder", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid number of tracks `%s'\n", line);
continue;
}
- lp->d_ntracks =3D u;
+ lp->d_ntracks =3D u32;
break;
}
=20
/* d_secpercyl */
for (;;) {
@@ -271,16 +272,16 @@
i =3D getinput(":", "Number of sectors/cylinder", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid number of sector/cylinder `%s'\n",
line);
continue;
}
- lp->d_secpercyl =3D u;
+ lp->d_secpercyl =3D u32;
break;
}
=20
/* d_ncylinders */
for (;;) {
@@ -288,15 +289,15 @@
i =3D getinput(":", "Total number of cylinders", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid sector size `%s'\n", line);
continue;
}
- lp->d_ncylinders =3D u;
+ lp->d_ncylinders =3D u32;
break;
}
=20
/* d_secperunit */
for (;;) {
@@ -304,15 +305,15 @@
i =3D getinput(":", "Total number of sectors", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid number of sectors `%s'\n", line);
continue;
}
- lp->d_secperunit =3D u;
+ lp->d_secperunit =3D u32;
break;
}
=20
/* d_rpm */
=20
@@ -322,15 +323,15 @@
i =3D getinput(":", "Hardware sectors interleave", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint16(line, &u16)) {
printf("Invalid sector interleave `%s'\n", line);
continue;
}
- lp->d_interleave =3D u;
+ lp->d_interleave =3D u16;
break;
}
=20
/* d_trackskew */
for (;;) {
@@ -338,15 +339,15 @@
i =3D getinput(":", "Sector 0 skew, per track", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint16(line, &u16)) {
printf("Invalid track sector skew `%s'\n", line);
continue;
}
- lp->d_trackskew =3D u;
+ lp->d_trackskew =3D u16;
break;
}
=20
/* d_cylskew */
for (;;) {
@@ -354,15 +355,15 @@
i =3D getinput(":", "Sector 0 skew, per cylinder", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint16(line, &u16)) {
printf("Invalid cylinder sector `%s'\n", line);
continue;
}
- lp->d_cylskew =3D u;
+ lp->d_cylskew =3D u16;
break;
}
=20
/* d_headswitch */
for (;;) {
@@ -370,15 +371,15 @@
i =3D getinput(":", "Head switch time (usec)", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid head switch time `%s'\n", line);
continue;
}
- lp->d_headswitch =3D u;
+ lp->d_headswitch =3D u32;
break;
}
=20
/* d_trkseek */
for (;;) {
@@ -386,15 +387,15 @@
i =3D getinput(":", "Track seek time (usec)", def, line);
if (i =3D=3D -1)
return;
else if (i =3D=3D 0)
break;
- if (sscanf(line, "%" SCNu32, &u) !=3D 1) {
+ if (strtouint32(line, &u32)) {
printf("Invalid track seek time `%s'\n", line);
continue;
}
- lp->d_trkseek =3D u;
+ lp->d_trkseek =3D u32;
break;
}
}
=20
=20
--MP_/t1SNLi=bRAWDFfVn/Pf24iE
Content-Type: text/x-patch
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename=main.c.diff
--- main.c
+++ main.c
@@ -1937,6 +1935,42 @@
free(list);
}
}
=20
return ret;
+}
+
+/* Convert a string to a uint16_t. Returns -1 on error, 0 on success. */
+int
+strtouint16(char *intstr, uint16_t *val16)
+{
+ long int lval;
+ char *endstr;
+
+ lval =3D strtoll(intstr, &endstr, 10);
+ if (*endstr !=3D '\0')
+ return -1;
+ if (lval > UINT16_MAX)
+ return -1;
+
+ *val16 =3D (uint16_t) lval;
+
+ return 0;
+}
+
+/* Convert a string to a uint32_t. Returns -1 on error, 0 on success. */
+int
+strtouint32(char *intstr, uint32_t *val32)
+{
+ long int lval;
+ char *endstr;
+
+ lval =3D strtoll(intstr, &endstr, 10);
+ if (*endstr !=3D '\0')
+ return -1;
+ if (lval > UINT32_MAX)
+ return -1;
+
+ *val32 =3D (uint32_t) lval;
+
+ return 0;
}
--MP_/t1SNLi=bRAWDFfVn/Pf24iE--
--Sig_/P/X_PV2fUdUR7IiqBsKCNe8
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAk77Tc8ACgkQc7h7cu1Hpp4/GwCdFdFccXLhCJdDHjcaQ9ZO+R/G
nwsAoKUBJ5xiTdS0lOQapyKkN3JVB1Ft
=PRpE
-----END PGP SIGNATURE-----
--Sig_/P/X_PV2fUdUR7IiqBsKCNe8--
Home |
Main Index |
Thread Index |
Old Index