On 05/22/2017 11:52 AM, Justin Mitchell wrote:
> Remove the line length parameter and associated code which
> led to buffer overruns in the line parsing code.
> Also drops the undocumented 'include' directive.
>
> Signed-off-by: Justin Mitchell <jumitche@xxxxxxxxx>
Committed...
steved.
>
> ---
> support/nfs/conffile.c | 201 ++++++++++++++++++++++++++++---------------------
> 1 file changed, 117 insertions(+), 84 deletions(-)
>
> diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c
> index 7c607c0..449ac1c 100644
> --- a/support/nfs/conffile.c
> +++ b/support/nfs/conffile.c
> @@ -212,15 +212,10 @@ conf_set_now(char *section, char *arg, char *tag,
> * headers and feed tag-value pairs into our configuration database.
> */
> static void
> -conf_parse_line(int trans, char *line, size_t sz, char **section, char **subsection)
> +conf_parse_line(int trans, char *line, int lineno, char **section, char **subsection)
> {
> char *val, *ptr;
> - size_t i;
> - size_t j;
> - static int ln = 0;
>
> - /* Lines starting with '#' or ';' are comments. */
> - ln++;
> /* Ignore blank lines */
> if (*line == '\0')
> return;
> @@ -229,113 +224,149 @@ conf_parse_line(int trans, char *line, size_t sz, char **section, char **subsect
> while (isblank(*line))
> line++;
>
> + /* Lines starting with '#' or ';' are comments. */
> if (*line == '#' || *line == ';')
> return;
>
> /* '[section]' parsing... */
> if (*line == '[') {
> line++;
> +
> + if (*section) {
> + free(*section);
> + *section = NULL;
> + }
> + if (*subsection) {
> + free(*subsection);
> + *subsection = NULL;
> + }
> +
> /* Strip off any blanks after '[' */
> while (isblank(*line))
> line++;
> - for (i = 0; i < sz; i++) {
> - if (line[i] == ']') {
> - break;
> - }
> - }
> - if (*section)
> - free(*section);
> - if (i == sz) {
> +
> + /* find the closing ] */
> + ptr = strchr(line, ']');
> + if (ptr == NULL) {
> xlog_warn("config file error: line %d: "
> - "non-matched ']', ignoring until next section", ln);
> - *section = NULL;
> + "non-matched ']', ignoring until next section", lineno);
> return;
> }
> +
> + /* just ignore everything after the closing ] */
> + *(ptr--) = '\0';
> +
> /* Strip off any blanks before ']' */
> - val = line;
> - j=0;
> - while (*val && !isblank(*val))
> - val++, j++;
> - if (*val)
> - i = j;
> - *section = malloc(i+1);
> + while (ptr >= line && isblank(*ptr))
> + *(ptr--)='\0';
> +
> + /* look for an arg to split from the section name */
> + val = strchr(line, '"');
> + if (val != NULL) {
> + ptr = val - 1;
> + *(val++) = '\0';
> +
> + /* trim away any whitespace before the " */
> + while (ptr > line && isblank(*ptr))
> + *(ptr--)='\0';
> + }
> +
> + /* copy the section name */
> + *section = strdup(line);
> if (!*section) {
> - xlog_warn("conf_parse_line: %d: malloc (%lu) failed", ln,
> - (unsigned long)i);
> + xlog_warn("conf_parse_line: %d: malloc failed", lineno);
> return;
> }
> - strncpy(*section, line, i);
> - (*section)[i] = '\0';
>
> - if (*subsection) {
> - free(*subsection);
> - *subsection = NULL;
> - }
> + /* there is no arg, we are done */
> + if (val == NULL) return;
>
> + /* check for the closing " */
> ptr = strchr(val, '"');
> - if (ptr == NULL)
> - return;
> - line = ++ptr;
> - while (*ptr && *ptr != '"' && *ptr != ']')
> - ptr++;
> - if (*ptr == '\0' || *ptr == ']') {
> + if (ptr == NULL) {
> xlog_warn("config file error: line %d: "
> - "non-matched '\"', ignoring until next section", ln);
> - } else {
> - *ptr = '\0';
> - *subsection = strdup(line);
> - if (!*subsection)
> - xlog_warn("conf_parse_line: %d: malloc arg failed", ln);
> + "non-matched '\"', ignoring until next section", lineno);
> + return;
> }
> + *ptr = '\0';
> + *subsection = strdup(val);
> + if (!*subsection)
> + xlog_warn("conf_parse_line: %d: malloc arg failed", lineno);
> return;
> }
>
> /* Deal with assignments. */
> - for (i = 0; i < sz; i++) {
> - if (line[i] == '=') {
> - /* If no section, we are ignoring the lines. */
> - if (!*section) {
> + ptr = strchr(line, '=');
> +
> + /* not an assignment line */
> + if (ptr == NULL) {
> + /* Other non-empty lines are weird. */
> + if (line[strspn(line, " \t")])
> xlog_warn("config file error: line %d: "
> - "ignoring line due to no section", ln);
> - return;
> - }
> - line[strcspn (line, " \t=")] = '\0';
> - val = line + i + 1 + strspn (line + i + 1, " \t");
> -
> - if (val[0] == '"') {
> - val ++;
> - j = strcspn(val, "\"");
> - val[j] = 0;
> - } else if (val[0] == '\'') {
> - val ++;
> - j = strcspn(val, "'");
> - val[j] = 0;
> - } else {
> - /* Skip trailing spaces and comments */
> - for (j = 0; val[j]; j++) {
> - if ((val[j] == '#' || val[j] == ';')
> - && (j == 0 || isspace(val[j-1]))) {
> - val[j] = '\0';
> - break;
> - }
> - }
> - while (j && isspace(val[j-1]))
> - val[--j] = '\0';
> - }
> - if (strcasecmp(line, "include") == 0)
> - conf_load(trans, val);
> - else
> - /* XXX Perhaps should we not ignore errors? */
> - conf_set(trans, *section, *subsection, line, val, 0, 0);
> + "line not empty and not an assignment", lineno);
> + return;
> + }
> +
> + /* If no section, we are ignoring the line. */
> + if (!*section) {
> + xlog_warn("config file error: line %d: "
> + "ignoring line due to no section", lineno);
> + return;
> + }
> +
> + val = ptr + 1;
> + *(ptr--) = '\0';
> +
> + /* strip spaces before and after the = */
> + while (ptr >= line && isblank(*ptr))
> + *(ptr--)='\0';
> + while (*val != '\0' && isblank(*val))
> + val++;
> +
> + if (*val == '"') {
> + val++;
> + ptr = strchr(val, '"');
> + if (ptr == NULL) {
> + xlog_warn("config file error: line %d: "
> + "unmatched quotes", lineno);
> return;
> }
> + *ptr = '\0';
> + } else
> + if (*val == '\'') {
> + val++;
> + ptr = strchr(val, '\'');
> + if (ptr == NULL) {
> + xlog_warn("config file error: line %d: "
> + "unmatched quotes", lineno);
> + return;
> + }
> + *ptr = '\0';
> + } else {
> + /* Trim any trailing spaces and comments */
> + if ((ptr=strchr(val, '#'))!=NULL)
> + *ptr = '\0';
> + if ((ptr=strchr(val, ';'))!=NULL)
> + *ptr = '\0';
> +
> + ptr = val + strlen(val) - 1;
> + while (ptr > val && isspace(*ptr))
> + *(ptr--) = '\0';
> }
> - /* Other non-empty lines are weird. */
> - i = strspn(line, " \t");
> - if (line[i])
> - xlog_warn("config file error: line %d:", ln);
>
> - return;
> + if (*line == '\0') {
> + xlog_warn("config file error: line %d: "
> + "missing tag in assignment", lineno);
> + return;
> + }
> + if (*val == '\0') {
> + xlog_warn("config file error: line %d: "
> + "missing value in assignment", lineno);
> + return;
> + }
> +
> + /* XXX Perhaps should we not ignore errors? */
> + conf_set(trans, *section, *subsection, line, val, 0, 0);
> }
>
> /* Parse the mapped configuration file. */
> @@ -347,6 +378,7 @@ conf_parse(int trans, char *buf, size_t sz)
> char *line;
> char *section = NULL;
> char *subsection = NULL;
> + int lineno = 0;
>
> line = cp;
> while (cp < bufend) {
> @@ -356,7 +388,8 @@ conf_parse(int trans, char *buf, size_t sz)
> *(cp - 1) = *cp = ' ';
> else {
> *cp = '\0';
> - conf_parse_line(trans, line, cp - line, §ion, &subsection);
> + lineno++;
> + conf_parse_line(trans, line, lineno, §ion, &subsection);
> line = cp + 1;
> }
> }
>
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
