daemon: check the conf inputs

The configuration of memory buffer size must be carefully parsed and validated to avoid segmentation fault Any misleading information in configuration file must be considered as major error and dlt-daemon should stop and raise error message to stderr This commit also corrects error handling of dlt_buffer_init_dynamic(). Signed-off-by: Bui Nguyen Quoc Thanh <thanh.buinguyenquoc@vn.bosch.com>
COVESA · May 10, 2021 · ad8a6ab · ad8a6ab
1 parent b95044a
commit ad8a6ab
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 7 deletions.
diff --git a/src/daemon/dlt-daemon.c b/src/daemon/dlt-daemon.c
@@ -89,6 +89,10 @@
 
 static int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, char *str, int verbose);
 
+static int dlt_daemon_check_numeric_setting(char *token,
+                                            char *value,
+                                            unsigned long *data);
+
 #ifdef DLT_SYSTEMD_WATCHDOG_ENABLE
 static uint32_t watchdog_trigger_interval;  /* watchdog trigger interval in [s] */
 #endif
@@ -98,6 +102,9 @@ int g_exit = 0;
 
 int g_signo = 0;
 
+/* used for value from conf file */
+static int value_length = 1024;
+
 static char dlt_timer_conn_types[DLT_TIMER_UNKNOWN + 1] = {
     [DLT_TIMER_PACKET] = DLT_CONNECTION_ONE_S_TIMER,
     [DLT_TIMER_ECU] = DLT_CONNECTION_SIXTY_S_TIMER,
@@ -318,7 +325,6 @@ int option_handling(DltDaemonLocal *daemon_local, int argc, char *argv[])
 int option_file_parser(DltDaemonLocal *daemon_local)
 {
     FILE *pFile;
-    int value_length = 1024;
     char line[value_length - 1];
     char token[value_length];
     char value[value_length];
@@ -531,19 +537,27 @@ int option_file_parser(DltDaemonLocal *daemon_local)
                     }
                     else if (strcmp(token, "RingbufferMinSize") == 0)
                     {
-                        sscanf(value, "%lu", &(daemon_local->RingbufferMinSize));
+                        if (dlt_daemon_check_numeric_setting(token,
+                                value, &(daemon_local->RingbufferMinSize)) < 0)
+                            return -1;
                     }
                     else if (strcmp(token, "RingbufferMaxSize") == 0)
                     {
-                        sscanf(value, "%lu", &(daemon_local->RingbufferMaxSize));
+                        if (dlt_daemon_check_numeric_setting(token,
+                                value, &(daemon_local->RingbufferMaxSize)) < 0)
+                            return -1;
                     }
                     else if (strcmp(token, "RingbufferStepSize") == 0)
                     {
-                        sscanf(value, "%lu", &(daemon_local->RingbufferStepSize));
+                        if (dlt_daemon_check_numeric_setting(token,
+                                value, &(daemon_local->RingbufferStepSize)) < 0)
+                            return -1;
                     }
                     else if (strcmp(token, "DaemonFIFOSize") == 0)
                     {
-                        sscanf(value, "%lu", &(daemon_local->daemonFifoSize));
+                        if (dlt_daemon_check_numeric_setting(token,
+                                value, &(daemon_local->daemonFifoSize)) < 0)
+                            return -1;
                     }
                     else if (strcmp(token, "SharedMemorySize") == 0)
                     {
@@ -1909,6 +1923,22 @@ int dlt_daemon_log_internal(DltDaemon *daemon, DltDaemonLocal *daemon_local, cha
     return 0;
 }
 
+int dlt_daemon_check_numeric_setting(char *token,
+                                    char *value,
+                                    unsigned long *data)
+{
+    char value_check[value_length];
+    value_check[0] = 0;
+    sscanf(value, "%lu%s", data, value_check);
+    if (value_check[0] || !isdigit(value[0])) {
+        fprintf(stderr, "Invalid input [%s] detected in option %s\n",
+                value,
+                token);
+        return -1;
+    }
+    return 0;
+}
+
 int dlt_daemon_process_client_connect(DltDaemon *daemon,
                                       DltDaemonLocal *daemon_local,
                                       DltReceiver *receiver,

diff --git a/src/daemon/dlt_daemon_common.c b/src/daemon/dlt_daemon_common.c
@@ -236,8 +236,10 @@ int dlt_daemon_init(DltDaemon *daemon,
     dlt_vlog(LOG_INFO, "Ringbuffer configuration: %lu/%lu/%lu\n",
              RingbufferMinSize, RingbufferMaxSize, RingbufferStepSize);
 
-    if (dlt_buffer_init_dynamic(&(daemon->client_ringbuffer), (uint32_t) RingbufferMinSize, (uint32_t) RingbufferMaxSize,
-                                (uint32_t) RingbufferStepSize) == DLT_RETURN_ERROR)
+    if (dlt_buffer_init_dynamic(&(daemon->client_ringbuffer),
+                                (uint32_t) RingbufferMinSize,
+                                (uint32_t) RingbufferMaxSize,
+                                (uint32_t) RingbufferStepSize) < DLT_RETURN_OK)
         return -1;
 
     daemon->storage_handle = NULL;

diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c
@@ -2350,6 +2350,14 @@ DltReturnValue dlt_buffer_init_dynamic(DltBuffer *buf, uint32_t min_size, uint32
     head->write = 0;
     head->count = 0;
     buf->mem = (unsigned char *)(buf->shm + sizeof(DltBufferHead));
+
+    if (buf->min_size < (uint32_t)sizeof(DltBufferHead)) {
+        dlt_vlog(LOG_ERR,
+                 "%s: min_size is too small [%u]\n",
+                 __func__, buf->min_size);
+        return DLT_RETURN_WRONG_PARAMETER;
+    }
+
     buf->size = (uint32_t) (buf->min_size - sizeof(DltBufferHead));
 
     dlt_vlog(LOG_DEBUG,