Compare commits

..

No commits in common. "819a555bc5cccd6b4e8b53b7b5036744a94142a7" and "58f848148f0bbdbedd0243de289944804b772094" have entirely different histories.

8 changed files with 704 additions and 1005 deletions

File diff suppressed because it is too large Load Diff

View File

@ -1,31 +0,0 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <string.h>
#include "alloc-util.h"
#include "fuzz.h"
#include "udev-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_free_ char *str = NULL;
int r;
char *value = UINT_TO_PTR(0x12345678U);
char *endpos = UINT_TO_PTR(0x87654321U);
assert_se(str = malloc(size + 1));
memcpy(str, data, size);
str[size] = '\0';
r = udev_rule_parse_value(str, &value, &endpos);
if (r < 0) {
/* not modified on failure */
assert_se(value == UINT_TO_PTR(0x12345678U));
assert_se(endpos == UINT_TO_PTR(0x87654321U));
} else {
assert_se(endpos <= str + size);
assert_se(endpos > str + 1);
}
return 0;
}

View File

@ -152,8 +152,4 @@ fuzzers += [
'src/xdg-autostart-generator/xdg-autostart-service.c'], 'src/xdg-autostart-generator/xdg-autostart-service.c'],
[], [],
[]], []],
[['src/fuzz/fuzz-udev-rule-parse-value.c'],
[libshared],
[]],
] ]

View File

@ -6,16 +6,13 @@
#include "alloc-util.h" #include "alloc-util.h"
#include "device-util.h" #include "device-util.h"
#include "env-file.h" #include "env-file.h"
#include "escape.h"
#include "log.h" #include "log.h"
#include "macro.h"
#include "parse-util.h" #include "parse-util.h"
#include "path-util.h" #include "path-util.h"
#include "signal-util.h" #include "signal-util.h"
#include "string-table.h" #include "string-table.h"
#include "string-util.h" #include "string-util.h"
#include "udev-util.h" #include "udev-util.h"
#include "utf8.h"
static const char* const resolve_name_timing_table[_RESOLVE_NAME_TIMING_MAX] = { static const char* const resolve_name_timing_table[_RESOLVE_NAME_TIMING_MAX] = {
[RESOLVE_NAME_NEVER] = "never", [RESOLVE_NAME_NEVER] = "never",
@ -323,49 +320,3 @@ bool device_for_action(sd_device *dev, DeviceAction action) {
return a == action; return a == action;
} }
int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) {
char *i, *j;
int r;
bool is_escaped;
/* value must be double quotated */
is_escaped = str[0] == 'e';
str += is_escaped;
if (str[0] != '"')
return -EINVAL;
str++;
if (!is_escaped) {
/* unescape double quotation '\"'->'"' */
for (i = j = str; *i != '"'; i++, j++) {
if (*i == '\0')
return -EINVAL;
if (i[0] == '\\' && i[1] == '"')
i++;
*j = *i;
}
j[0] = '\0';
} else {
_cleanup_free_ char *unescaped = NULL;
/* find the end position of value */
for (i = str; *i != '"'; i++) {
if (i[0] == '\\')
i++;
if (*i == '\0')
return -EINVAL;
}
i[0] = '\0';
r = cunescape_length(str, i - str, 0, &unescaped);
if (r < 0)
return r;
assert(r <= i - str);
memcpy(str, unescaped, r + 1);
}
*ret_value = str;
*ret_endpos = i + 1;
return 0;
}

View File

@ -32,5 +32,3 @@ int device_wait_for_initialization(sd_device *device, const char *subsystem, use
int device_wait_for_devlink(const char *path, const char *subsystem, usec_t deadline, sd_device **ret); int device_wait_for_devlink(const char *path, const char *subsystem, usec_t deadline, sd_device **ret);
int device_is_renaming(sd_device *dev); int device_is_renaming(sd_device *dev);
bool device_for_action(sd_device *dev, DeviceAction action); bool device_for_action(sd_device *dev, DeviceAction action);
int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos);

View File

@ -775,10 +775,6 @@ tests += [
libselinux], libselinux],
'', 'manual', '-DLOG_REALM=LOG_REALM_UDEV'], '', 'manual', '-DLOG_REALM=LOG_REALM_UDEV'],
[['src/test/test-udev-util.c'],
[],
[]],
[['src/test/test-id128.c'], [['src/test/test-id128.c'],
[], [],
[]], []],

View File

@ -1,202 +0,0 @@
/* SPDX-License-Identifier: LGPL-2.1+ */
#include <stdlib.h>
#include <string.h>
#include "macro.h"
#include "string-util.h"
#include "udev-util.h"
static void test_udev_rule_parse_value_one(const char *in, const char *expected_value, int expected_retval) {
_cleanup_free_ char *str = NULL;
char *value = UINT_TO_PTR(0x12345678U);
char *endpos = UINT_TO_PTR(0x87654321U);
assert_se(str = strdup(in));
assert_se(udev_rule_parse_value(str, &value, &endpos) == expected_retval);
if (expected_retval < 0) {
/* not modified on failure */
assert_se(value == UINT_TO_PTR(0x12345678U));
assert_se(endpos == UINT_TO_PTR(0x87654321U));
} else {
assert_se(streq_ptr(value, expected_value));
assert_se(endpos == str + strlen(in));
}
}
static void test_parse_value(void) {
/* input: "valid operand"
* parsed: valid operand
* use the following command to help generate textual C strings:
* python3 -c 'import json; print(json.dumps(input()))' */
test_udev_rule_parse_value_one(
"\"valid operand\"",
"valid operand",
0
);
}
static void test_parse_value_with_backslashes(void) {
/* input: "va'l\'id\"op\"erand"
* parsed: va'l\'id"op"erand */
test_udev_rule_parse_value_one(
"\"va'l\\'id\\\"op\\\"erand\"",
"va'l\\'id\"op\"erand",
0
);
}
static void test_parse_value_no_quotes(void) {
test_udev_rule_parse_value_one(
"no quotes",
0,
-EINVAL
);
}
static void test_parse_value_noescape(void) {
test_udev_rule_parse_value_one(
"\"\\\\a\\b\\x\\y\"",
"\\\\a\\b\\x\\y",
0
);
}
static void test_parse_value_nul(void) {
test_udev_rule_parse_value_one(
"\"reject\0nul\"",
0,
-EINVAL
);
}
static void test_parse_value_escape_nothing(void) {
/* input: e"" */
test_udev_rule_parse_value_one(
"e\"\"",
"",
0
);
}
static void test_parse_value_escape_nothing2(void) {
/* input: e"1234" */
test_udev_rule_parse_value_one(
"e\"1234\"",
"1234",
0
);
}
static void test_parse_value_escape_double_quote(void) {
/* input: e"\"" */
test_udev_rule_parse_value_one(
"e\"\\\"\"",
"\"",
0
);
}
static void test_parse_value_escape_backslash(void) {
/* input: e"\ */
test_udev_rule_parse_value_one(
"e\"\\",
0,
-EINVAL
);
/* input: e"\" */
test_udev_rule_parse_value_one(
"e\"\\\"",
0,
-EINVAL
);
/* input: e"\\" */
test_udev_rule_parse_value_one(
"e\"\\\\\"",
"\\",
0
);
/* input: e"\\\" */
test_udev_rule_parse_value_one(
"e\"\\\\\\\"",
0,
-EINVAL
);
/* input: e"\\\"" */
test_udev_rule_parse_value_one(
"e\"\\\\\\\"\"",
"\\\"",
0
);
/* input: e"\\\\" */
test_udev_rule_parse_value_one(
"e\"\\\\\\\\\"",
"\\\\",
0
);
}
static void test_parse_value_newline(void) {
/* input: e"operand with newline\n" */
test_udev_rule_parse_value_one(
"e\"operand with newline\\n\"",
"operand with newline\n",
0
);
}
static void test_parse_value_escaped(void) {
/* input: e"single\rcharacter\t\aescape\bsequence" */
test_udev_rule_parse_value_one(
"e\"single\\rcharacter\\t\\aescape\\bsequence\"",
"single\rcharacter\t\aescape\bsequence",
0
);
}
static void test_parse_value_invalid_escape(void) {
/* input: e"reject\invalid escape sequence" */
test_udev_rule_parse_value_one(
"e\"reject\\invalid escape sequence",
0,
-EINVAL
);
}
static void test_parse_value_invalid_termination(void) {
/* input: e"\ */
test_udev_rule_parse_value_one(
"e\"\\",
0,
-EINVAL
);
}
static void test_parse_value_unicode(void) {
/* input: "s\u1d1c\u1d04\u029c \u1d1c\u0274\u026a\u1d04\u1d0f\u1d05\u1d07 \U0001d568\U0001d560\U0001d568" */
test_udev_rule_parse_value_one(
"e\"s\\u1d1c\\u1d04\\u029c \\u1d1c\\u0274\\u026a\\u1d04\\u1d0f\\u1d05\\u1d07 \\U0001d568\\U0001d560\\U0001d568\"",
"s\xe1\xb4\x9c\xe1\xb4\x84\xca\x9c \xe1\xb4\x9c\xc9\xb4\xc9\xaa\xe1\xb4\x84\xe1\xb4\x8f\xe1\xb4\x85\xe1\xb4\x87 \xf0\x9d\x95\xa8\xf0\x9d\x95\xa0\xf0\x9d\x95\xa8",
0
);
}
int main(int argc, char **argv) {
test_parse_value();
test_parse_value_with_backslashes();
test_parse_value_no_quotes();
test_parse_value_nul();
test_parse_value_noescape();
test_parse_value_escape_nothing();
test_parse_value_escape_nothing2();
test_parse_value_escape_double_quote();
test_parse_value_escape_backslash();
test_parse_value_newline();
test_parse_value_escaped();
test_parse_value_invalid_escape();
test_parse_value_invalid_termination();
test_parse_value_unicode();
return EXIT_SUCCESS;
}

View File

@ -990,9 +990,8 @@ static UdevRuleOperatorType parse_operator(const char *op) {
} }
static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) { static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) {
char *key_begin, *key_end, *attr, *tmp; char *key_begin, *key_end, *attr, *tmp, *value, *i, *j;
UdevRuleOperatorType op; UdevRuleOperatorType op;
int r;
assert(line); assert(line);
assert(*line); assert(*line);
@ -1032,14 +1031,30 @@ static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOper
key_end[0] = '\0'; key_end[0] = '\0';
tmp += op == OP_ASSIGN ? 1 : 2; tmp += op == OP_ASSIGN ? 1 : 2;
tmp = skip_leading_chars(tmp, NULL); value = skip_leading_chars(tmp, NULL);
r = udev_rule_parse_value(tmp, ret_value, line);
if (r < 0)
return r;
/* value must be double quotated */
if (value[0] != '"')
return -EINVAL;
value++;
/* unescape double quotation '\"' -> '"' */
for (i = j = value; ; i++, j++) {
if (*i == '"')
break;
if (*i == '\0')
return -EINVAL;
if (i[0] == '\\' && i[1] == '"')
i++;
*j = *i;
}
j[0] = '\0';
*line = i+1;
*ret_key = key_begin; *ret_key = key_begin;
*ret_attr = attr; *ret_attr = attr;
*ret_op = op; *ret_op = op;
*ret_value = value;
return 1; return 1;
} }