On Thu, Dec 03, 2020 at 02:33:03PM +0100, Claudio Jeker wrote:
> Use asprintf with %.*s to construct the path based on the mft file
> location and the filename of the referenced file.
> 
> Since the * field in printf(3) is expecting an int type, typecast the
> ptrdiff_t to an int. Add an assert check to make sure there is no
> overflow. Also do the same overflow check in mft.c where the same idiom is
> used.
> 
> Maybe some PATH_MAX checks should be placed in the mft parser.

Ping

-- 
:wq Claudio

Index: main.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
retrieving revision 1.85
diff -u -p -r1.85 main.c
--- main.c      2 Dec 2020 15:31:15 -0000       1.85
+++ main.c      3 Dec 2020 12:25:24 -0000
@@ -451,23 +451,16 @@ static void
 queue_add_from_mft(int fd, struct entityq *q, const char *mft,
     const struct mftfile *file, enum rtype type, size_t *eid)
 {
-       size_t           sz;
        char            *cp, *nfile;
 
        /* Construct local path from filename. */
-
-       sz = strlen(file->file) + strlen(mft);
-       if ((nfile = calloc(sz + 1, 1)) == NULL)
-               err(1, "calloc");
-
        /* We know this is host/module/... */
 
-       strlcpy(nfile, mft, sz + 1);
-       cp = strrchr(nfile, '/');
+       cp = strrchr(mft, '/');
        assert(cp != NULL);
-       cp++;
-       *cp = '\0';
-       strlcat(nfile, file->file, sz + 1);
+       assert(cp - mft < INT_MAX);
+       if (asprintf(&nfile, "%.*s/%s", (int)(cp - mft), mft, file->file) == -1)
+               err(1, "asprintf");
 
        /*
         * Since we're from the same directory as the MFT file, we know
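Review bot: The overflow guard `assert(cp - mft < INT_MAX);` in front of the `(int)` cast only holds in builds with assertions enabled; under NDEBUG both asserts vanish, and a NULL `cp` or an oversized prefix reaches `asprintf` unchecked. Because the manifest path and `file->file` presumably come from repository data, I would make these runtime checks, e.g. `if (cp == NULL || cp - mft >= INT_MAX) errx(1, "%s: bad manifest path", mft);`. The same pattern appears in the mft.c hunk at mft_validfilehash. INT_MAX also needs `<limits.h>`, and the diff adds that include only to mft.c, so main.c should be checked for it. The body of queue_add_from_mft continues past the end of this hunk.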
Index: mft.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
retrieving revision 1.19
diff -u -p -r1.19 mft.c
--- mft.c       6 Nov 2020 04:22:18 -0000       1.19
+++ mft.c       3 Dec 2020 12:37:15 -0000
@@ -17,6 +17,7 @@
 
 #include <assert.h>
 #include <err.h>
+#include <limits.h>
 #include <stdarg.h>
 #include <stdint.h>
 #include <fcntl.h>
@@ -457,6 +458,7 @@ mft_validfilehash(const char *fn, const 
        /* Check hash of file now, but first build path for it */
        cp = strrchr(fn, '/');
        assert(cp != NULL);
+       assert(cp - fn < INT_MAX);
        if (asprintf(&path, "%.*s/%s", (int)(cp - fn), fn, m->file) == -1)
                err(1, "asprintf");
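Review bot: `m->file` is appended verbatim to the manifest's directory in the `asprintf` call, and nothing visible in this hunk restricts it to a single path component. If the manifest parser does not already reject names that contain `/` or are `..`, the resulting path can point outside the manifest directory. Either test that `strchr(m->file, '/')` is NULL before building the path, or add a comment such as `/* m->file was validated as a plain filename by the mft parser */` naming where that happens. The same applies to `file->file` in queue_add_from_mft in main.c. mft_validfilehash starts and ends outside this hunk.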
