Project

General

Profile

Bug #11510

stmsboot: stmsboot_util -D option validation is broken

Added by Toomas Soome about 1 year ago. Updated 12 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
cmd - userland programs
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

1. We allocate memory chunk with size MAXMODCONFNAME, but then we do copy data into it by strlen(optarg), replace bcopy by strlcpy.
2. strncmp() does compare n chars, that will allow to use names by prefix. Since with strlcpy we do have zero terminated strings, use normal strcmp.
3. the whole if strncmp() statement does not work:

the expression there should look like:

if (!((strncmp(drvlimit, "fp", 2) == 0) || 
     (strncmp(drvlimit, "mpt", 3) == 0) ||
     (strncmp(drvlimit, "mpt_sas", 7) == 0) ||
     (strncmp(drvlimit, "pmcs", 4) == 0)))

Of course this one is a bit annoying to read, so we would like to reduce the !:

if (!(strncmp(drvlimit, "fp", 2) == 0) &&
    !(strncmp(drvlimit, "mpt", 3) == 0) &&
    !(strncmp(drvlimit, "mpt_sas", 7) == 0) &&
    !(strncmp(drvlimit, "pmcs", 4) == 0))

And from above we already can see why the error did appear, nevertheless, to remove negation at all, the final if statement should be:

if ((strncmp(drvlimit, "fp", 2) != 0) &&
    (strncmp(drvlimit, "mpt", 3) != 0) &&
    (strncmp(drvlimit, "mpt_sas", 7) != 0) &&
    (strncmp(drvlimit, "pmcs", 4) != 0))

Testing done:


Accepted, legal arguments:
# /tmp/stmsboot_util -D fp -L
stmsboot: MPXIO disabled

Bad arguments:
# /tmp/stmsboot_util -D fps -L
usage: stmsboot_util -b | -m devname | -l <ctrl> | -L | [-g] | -n | -N | -i | -p devname

More bad arguments:
# /tmp/stmsboot_util -D asd -L
usage: stmsboot_util -b | -m devname | -l <ctrl> | -L | [-g] | -n | -N | -i | -p devname

History

#1

Updated by Electric Monk 12 months ago

  • % Done changed from 0 to 100
  • Status changed from In Progress to Closed

git commit 6cb11604688f3d2bf2fb6d030c1f2bb3673a10d2

commit  6cb11604688f3d2bf2fb6d030c1f2bb3673a10d2
Author: Toomas Soome <tsoome@me.com>
Date:   2019-08-06T15:34:52.000Z

    11434 stmsboot: NULL pointer errors
    11510 stmsboot: stmsboot_util -D option validation is broken
    Reviewed by: Andy Fiddaman <andy@omniosce.org>
    Reviewed by: John Levon <john.levon@joyent.com>
    Reviewed by: Alexander Pyhalov <apyhalov@gmail.com>
    Approved by: Dan McDonald <danmcd@joyent.com>

Also available in: Atom PDF