From ba079528b3c1c0fd911ee98353685c4116c8e6f8 Mon Sep 17 00:00:00 2001 From: Deng Guangxing Date: Mon, 11 Dec 2023 14:20:51 +0800 Subject: [PATCH 06/12] code-style problem fix Signed-off-by: Deng Guangxing --- qtfs/ipc/uds_event.c | 6 +- qtfs/qtfs/fifo.c | 39 ++++++------- qtfs/qtfs/proc.c | 10 ++-- qtfs/qtfs/qtfs-mod.c | 6 +- qtfs/qtfs/sb.c | 7 +-- qtfs/qtfs_common/qtfs_check.c | 103 ++++++++++++---------------------- qtfs/rexec/rexec.c | 11 ++-- 7 files changed, 77 insertions(+), 105 deletions(-) diff --git a/qtfs/ipc/uds_event.c b/qtfs/ipc/uds_event.c index 4253deb..78a2a97 100644 --- a/qtfs/ipc/uds_event.c +++ b/qtfs/ipc/uds_event.c @@ -524,7 +524,7 @@ static int uds_msg_scm_regular_file(int scmfd, int tcpfd, struct uds_event_globa uds_err("failed to calloc memory"); return EVENT_ERR; } - sprintf(fdproc, "/proc/self/fd/%d", scmfd); + snprintf(fdproc, UDS_PATH_MAX, "/proc/self/fd/%d", scmfd); ret = readlink(fdproc, p_scmr->path, UDS_PATH_MAX); if (ret < 0) { uds_err("readlink:%s error, ret:%d, errno:%d", fdproc, ret, errno); @@ -562,7 +562,7 @@ static int uds_msg_scm_fifo_file(int scmfd, int tcpfd, struct uds_event_global_v p_get->msgtype = MSG_SCM_PIPE; p_get->msglen = sizeof(struct uds_stru_scm_pipe); - sprintf(path, "/proc/self/fd/%d", scmfd); + snprintf(path, FDPATH_LEN, "/proc/self/fd/%d", scmfd); lstat(path, &st); if (st.st_mode & S_IRUSR) { p_pipe->dir = SCM_PIPE_READ; 
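Review bot: In uds_msg_scm_regular_file the `readlink(fdproc, p_scmr->path, UDS_PATH_MAX)` call that follows the new snprintf can fill the whole buffer and never writes a terminator. A link target of UDS_PATH_MAX bytes or more therefore leaves `p_scmr->path` unterminated unless code outside this hunk handles it. I would pass `UDS_PATH_MAX - 1` and set `p_scmr->path[ret] = '\0';` after the `ret < 0` check. The new snprintf bound is also only correct if `fdproc` was allocated with at least UDS_PATH_MAX bytes; the calloc is above the hunk, so that is worth confirming.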
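Review bot: The `lstat(path, &st);` call right after the new snprintf in uds_msg_scm_fifo_file ignores its return value, so on failure `st.st_mode & S_IRUSR` reads an uninitialized struct and the pipe direction is chosen from garbage. Check it, e.g. `if (lstat(path, &st) < 0) { uds_err("lstat:%s failed, errno:%d", path, errno); return EVENT_ERR; }`, and release whatever the function holds by that point (the cleanup path is outside the hunk). If `path` is a local array, which the hunk does not show, `sizeof(path)` would be a safer bound than `FDPATH_LEN`.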
@@ -1085,7 +1085,7 @@ int uds_event_debug_level(void *arg, int epfd, struct uds_event_global_var *p_ev uds_log("debug level accept a new connection, current level:%s change to:%s", UDS_LOG_STR(cur), UDS_LOG_STR(p_uds_var->loglevel)); - len = sprintf(p_event_var->iov_base, "+---------------UDS LOG LEVEL UPDATE--------------+\n" + len = snprintf(p_event_var->iov_base, p_event_var->iov_len, "+---------------UDS LOG LEVEL UPDATE--------------+\n" "+ Log level is:%s before, now change to :%s.\n" "+-------------------------------------------------+\n", UDS_LOG_STR(cur), UDS_LOG_STR(p_uds_var->loglevel)); diff --git a/qtfs/qtfs/fifo.c b/qtfs/qtfs/fifo.c index 829ce66..f072706 100644 --- a/qtfs/qtfs/fifo.c +++ b/qtfs/qtfs/fifo.c @@ -26,9 +26,9 @@ static void qtfs_fifo_put_file(struct file *file) { - struct private_data *priv = file->private_data; - struct qtfs_conn_var_s *pvar = (struct qtfs_conn_var_s *)priv->priv; - if (pvar == NULL) { + struct private_data *priv; + struct qtfs_conn_var_s *pvar; + if (file == NULL || (priv = file->private_data) == NULL || (pvar = (struct qtfs_conn_var_s *)priv->priv) == NULL) { qtfs_err("fifo private data invalid to put"); return; } @@ -110,8 +110,8 @@ int qtfs_fifo_open(struct inode *inode, struct file *file) ssize_t qtfs_fifo_readiter(struct kiocb *kio, struct iov_iter *iov) { - struct private_data *priv = kio->ki_filp->private_data; - struct qtfs_conn_var_s *pvar = (struct qtfs_conn_var_s *)priv->priv; + struct private_data *priv; + struct qtfs_conn_var_s *pvar; struct qtreq_fifo_read *req; struct qtrsp_fifo_read *rsp; int total = 0; 
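Review bot: `len = snprintf(p_event_var->iov_base, p_event_var->iov_len, ...)` in uds_event_debug_level returns the length the message would have had, not the number of bytes stored, so on truncation `len` exceeds the buffer size. If `len` is then used as the send length (its use is outside the hunk), bytes past the formatted text would go to the peer. Add a check such as `if (len < 0 || (size_t)len >= p_event_var->iov_len) return EVENT_ERR;`, or clamp `len` to `iov_len - 1` before it is used.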
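Review bot: The new guard in qtfs_fifo_put_file packs two assignments into one `if` condition (`(priv = file->private_data) == NULL || (pvar = ...) == NULL`), which kernel coding style discourages and which produces a very long line. The same construct is repeated in the qtfs_fifo_readiter, qtfs_fifo_writeiter, qtfs_fifo_release and qtfs_poll hunks. A small static helper that takes a `struct file *` and returns `pvar` or NULL would replace the five copies; failing that, split it into sequential guards so each failure can log which pointer was bad. Also, readiter and writeiter test `virt_addr_valid(pvar)` while put_file and release do not; if that test is needed it should probably be applied consistently.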
@@ -121,7 +121,7 @@ ssize_t qtfs_fifo_readiter(struct kiocb *kio, struct iov_iter *iov) qtfs_err("signal SIGURG return eintr"); return -EINTR; } - if (pvar == NULL || !virt_addr_valid(pvar)) { + if (!kio || !kio->ki_filp || (priv = kio->ki_filp->private_data) == NULL || (pvar = (struct qtfs_conn_var_s *)priv->priv) == NULL || !virt_addr_valid(pvar)) { qtfs_err("invalid fifo read req, private data is invalid"); return -EFAULT; } @@ -154,8 +154,8 @@ ssize_t qtfs_fifo_readiter(struct kiocb *kio, struct iov_iter *iov) ssize_t qtfs_fifo_writeiter(struct kiocb *kio, struct iov_iter *iov) { - struct private_data *priv = kio->ki_filp->private_data; - struct qtfs_conn_var_s *pvar = (struct qtfs_conn_var_s *)priv->priv; + struct private_data *priv; + struct qtfs_conn_var_s *pvar; struct qtreq_fifo_write *req; struct qtrsp_fifo_write *rsp; @@ -163,7 +163,7 @@ ssize_t qtfs_fifo_writeiter(struct kiocb *kio, struct iov_iter *iov) qtfs_err("signal SIGURG return eintr"); return -EINTR; } - if (pvar == NULL || !virt_addr_valid(pvar)) { + if (!kio || !kio->ki_filp || (priv = kio->ki_filp->private_data) == NULL || (pvar = (struct qtfs_conn_var_s *)priv->priv) == NULL || !virt_addr_valid(pvar)) { qtfs_err("invalid fifo write req, private data is invalid"); return -EFAULT; } @@ -182,10 +182,11 @@ ssize_t qtfs_fifo_writeiter(struct kiocb *kio, struct iov_iter *iov) int qtfs_fifo_release(struct inode *inode, struct file *file) { - struct private_data *priv = file->private_data; - struct qtfs_conn_var_s *pvar = (struct qtfs_conn_var_s *)priv->priv; + struct private_data *priv; + struct qtfs_conn_var_s *pvar; struct qtrsp_fifo_close *rsp = NULL; - if (pvar == NULL) { + + if (file == NULL || (priv = file->private_data) == NULL || (pvar = (struct qtfs_conn_var_s *)priv->priv) == NULL) { qtfs_err("invalid fifo write req, private data is invalid"); return -EFAULT; } 
@@ -202,22 +203,22 @@ int qtfs_fifo_release(struct inode *inode, struct file *file) __poll_t qtfs_poll(struct file *filp, poll_table *wait) { - struct qtfs_inode_priv *priv = filp->f_inode->i_private; + struct qtfs_inode_priv *priv; __poll_t mask = 0; struct list_head *p; struct qtfs_conn_var_s *pvar; struct qtreq_poll *req; struct qtrsp_poll *rsp; - struct private_data *fpriv = (struct private_data *)filp->private_data; - - poll_wait(filp, &priv->readq, wait); - - p = &priv->readq.head; + struct private_data *fpriv; - if (fpriv->fd < 0) { + if (!filp || !filp->f_inode || !(priv = filp->f_inode->i_private) || !(fpriv = (struct private_data *)filp->private_data) || fpriv->fd < 0) { qtfs_err("fifo poll priv file invalid."); return 0; } + + poll_wait(filp, &priv->readq, wait); + p = &priv->readq.head; + pvar = qtfs_conn_get_param(); if (pvar == NULL) { qtfs_err("qtfs fifo poll get param failed."); diff --git a/qtfs/qtfs/proc.c b/qtfs/qtfs/proc.c index 70238ea..deea1c8 100644 --- a/qtfs/qtfs/proc.c +++ b/qtfs/qtfs/proc.c @@ -147,7 +147,7 @@ struct dentry *qtfs_proc_lookup(struct inode *parent_inode, struct dentry *child if (pid > 0) { sscanf(cpath, "/proc/%s", tmp); memset(cpath, 0, MAX_PATH_LEN); - sprintf(cpath, "/local_proc/%s", tmp); + snprintf(cpath, MAX_PATH_LEN, "/local_proc/%s", tmp); qtfs_debug("[%s]: get path from local: %s\n", __func__, cpath); ret = kern_path(cpath, 0, &spath); if(ret) { @@ -208,13 +208,13 @@ const char *qtfs_proc_getlink(struct dentry *dentry, } if (!strncmp(path, "/proc/self", 11)) { - sprintf(link, "/local_proc/%d", (int)current->pid); + snprintf(link, MAX_PATH_LEN, "/local_proc/%d", (int)current->pid); qtfs_info("[%s] success: %s getlink: %s", __func__, path, link); goto link_local; } if (!strcmp(path, "/proc/mounts")) { - sprintf(link, "/proc/1/mounts"); + snprintf(link, MAX_PATH_LEN, "/proc/1/mounts"); qtfs_info("[%s] success: %s getlink /proc/1/mounts", __func__, path); goto link_local; } 
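Review bot: In qtfs_proc_lookup the overflow risk sits one line above the changed call: `sscanf(cpath, "/proc/%s", tmp)` still copies an unbounded token into `tmp` and its result is never checked, so bounding only the later snprintf does not close the gap. The same pair appears in the qtfs_proc_getlink (`@@ -222`) and qtfs_proc_getattr (`@@ -274`) hunks. Give the conversion a field width that matches the size of `tmp` (its declaration is outside the hunks) and require `sscanf(...) == 1` before using it. Since "/local_proc/" is longer than "/proc/", the snprintf can now truncate silently; a result `>= MAX_PATH_LEN` should be treated as an error rather than passed to `kern_path` or returned as the link target.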
@@ -222,7 +222,7 @@ const char *qtfs_proc_getlink(struct dentry *dentry, pid = is_local_process(path); if (pid > 0) { sscanf(path, "/proc/%s", tmp); - sprintf(link, "/local_proc/%s", tmp); + snprintf(link, MAX_PATH_LEN, "/local_proc/%s", tmp); qtfs_info("[%s] success: %s getlink: %s", __func__, path, link); goto link_local; } @@ -274,7 +274,7 @@ int qtfs_proc_getattr(const struct path *path, struct kstat *stat, u32 req_mask, pid = is_local_process(cpath); if (pid > 0) { sscanf(cpath, "/proc/%s", tmp); - sprintf(local_path, "/local_proc/%s", tmp); + snprintf(local_path, MAX_PATH_LEN, "/local_proc/%s", tmp); ret = kern_path(local_path, 0, &spath); if (ret) { qtfs_err("[%s]: kern_path(%s) failed: %d", __func__, local_path, ret); diff --git a/qtfs/qtfs/qtfs-mod.c b/qtfs/qtfs/qtfs-mod.c index 0b6cd65..d49e9a2 100644 --- a/qtfs/qtfs/qtfs-mod.c +++ b/qtfs/qtfs/qtfs-mod.c @@ -23,6 +23,8 @@ #include "syscall.h" #include "symbol_wrapper.h" +#define MAX_RETRY 5 + static struct file_system_type qtfs_fs_type = { .owner = THIS_MODULE, .name = QTFS_FSTYPE_NAME, @@ -86,7 +88,7 @@ retry: pvar->miss_proc = 0; } // miss message retry would result in block - if (retrytimes >= 5) { + if (retrytimes >= MAX_RETRY) { qtfs_err("qtfs conn recv get mismatch seq_num too many times, stop retrying, signal:0x%lx", (unsigned long)current->pending.signal.sig[0]); return NULL; } @@ -98,7 +100,7 @@ retry: qtinfo_cntinc(QTINF_RESTART_SYS); qtinfo_recverrinc(req->type); } - if (retrytimes >= 5 && ret == -EINTR) { + if (retrytimes >= MAX_RETRY && ret == -EINTR) { qtfs_err("qtfs conn recv get retry signal(%d) too many times, stop retrying, signal:0x%lx", ret, (unsigned long)current->pending.signal.sig[0]); return ERR_PTR(ret); } diff --git a/qtfs/qtfs/sb.c b/qtfs/qtfs/sb.c index fb60261..a5bcc8e 100644 --- a/qtfs/qtfs/sb.c +++ b/qtfs/qtfs/sb.c 
@@ -155,8 +155,8 @@ int qtfs_readdir(struct file *filp, struct dir_context *ctx) int count = 0; struct getdents_callback64 *buf = container_of(ctx, struct getdents_callback64, ctx); - if (!pvar) { - qtfs_err("Failed to get qtfs sock var"); + if (!pvar || !buf) { + qtfs_err("Failed to get qtfs sock var(%p) or gentdents(%p)", pvar, buf); return -EINVAL; } @@ -168,7 +168,6 @@ int qtfs_readdir(struct file *filp, struct dir_context *ctx) req = pvar->conn_ops->get_conn_msg_buf(pvar, QTFS_SEND); rsp = pvar->conn_ops->get_conn_msg_buf(pvar, QTFS_RECV); QTFS_FULLNAME(req->path, filp->f_path.dentry, sizeof(req->path)); - // req->count = sizeof(rsp->dirent); count = sizeof(rsp->dirent); if (buf && buf->count > 0 && buf->count < sizeof(rsp->dirent)) { qtfs_info("readdir use input buf size(%d), prev_reclen(%d)", buf->count, buf->prev_reclen); @@ -198,7 +197,6 @@ int qtfs_readdir(struct file *filp, struct dir_context *ctx) } dirent = (struct qtfs_dirent64 *)&rsp->dirent[idx]; namelen = strlen(dirent->d_name); - // ret = dir_emit(ctx, dirent->d_name, namelen, dirent->d_ino, dirent->d_type); ret = ctx->actor(ctx, dirent->d_name, namelen, ctx->pos, dirent->d_ino, dirent->d_type); if (ret == -EINTR) { err = ret; @@ -210,7 +208,6 @@ int qtfs_readdir(struct file *filp, struct dir_context *ctx) (void *)dirent - (void *)rsp->dirent, dirent->d_name, ret, dirent->d_reclen, namelen, dirent->d_ino, dirent->d_type); } - // ctx->pos = (rsp->d.over) ? -1 : rsp->d.pos; ctx->pos = rsp->d.pos; qtfs_info("qtfs readdir<%s> success ret:%d vldcnt:%d dircnt:%d over:%d pos:%lld.", req->path, rsp->d.ret, rsp->d.vldcnt, dircnt, rsp->d.over, ctx->pos); diff --git a/qtfs/qtfs_common/qtfs_check.c b/qtfs/qtfs_common/qtfs_check.c index 8daad39..e2a7ec1 100644 --- a/qtfs/qtfs_common/qtfs_check.c +++ b/qtfs/qtfs_common/qtfs_check.c 
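Review bot: The added `!buf` test in qtfs_readdir cannot catch a bad `ctx`, because `buf` comes from `container_of(ctx, struct getdents_callback64, ctx)`, which is plain pointer arithmetic and yields a non-NULL value for almost any input. If the intent is to reject a missing context, test `ctx` itself: `if (!pvar || !ctx) {`. If `pvar` was obtained from qtfs_conn_get_param() above the hunk, the new branch can also return -EINVAL while still holding it, so that path would need to release it. Minor points: the message says "gentdents", and the later `if (buf && buf->count > 0 ...)` keeps a `buf` test that the new guard makes redundant.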
@@ -15,6 +15,26 @@ #include "req.h" #include "qtfs_check.h" +#define do_path_check(ops) \ +( \ + { \ + struct qtreq_##ops *req = TOREQ; \ + if (check_string(req->path, sizeof(req->path))) \ + return QTFS_CHECK_ERR; \ + return QTFS_CHECK_OK; \ + } \ +) + +#define do_fd_check(ops) \ +( \ + { \ + struct qtreq_##ops *req = TOREQ; \ + if (check_fd(req->fd)) \ + return QTFS_CHECK_ERR; \ + return QTFS_CHECK_OK; \ + } \ +) + /* 检查原则: 1. 基本数据类型,据实严格判断合法范围,有数组、指针操作的注意数组越界或指针飞踩; @@ -26,7 +46,7 @@ // string类型基本防护,在max范围内最后一个字符必须是结束符,防止越界访问 static inline bool check_string(char *str, size_t max) { - if (max == 0) + if (str == NULL || max == 0) return false; if (str[max - 1] != '\0') return true; @@ -50,37 +70,24 @@ int req_check_none(void *in) int req_check_mount(void *in) { - struct qtreq_mount *req = TOREQ; - - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(mount); } int req_check_open(void *in) { - struct qtreq_open *req = TOREQ; // flags 和 mode如果错误syscall会报错,不会有安全风险 - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(open); } int req_check_close(void *in) { - struct qtreq_close *req = TOREQ; - if (check_fd(req->fd)) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_fd_check(close); } int req_check_readiter(void *in) { - struct qtreq_readiter *req = TOREQ; - if (check_fd(req->fd)) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_fd_check(readiter); } int req_check_write(void *in) 
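Review bot: `do_path_check` and `do_fd_check` hide a `return` inside a GNU statement expression, so every `req_check_*` body that uses them (this hunk and the later qtfs_check.c hunks) reads as a bare statement in a non-void function. The `({ ... })` wrapper serves no purpose because no value is produced. The macros also depend on `TOREQ` and, presumably through it, on a parameter named `in` at the expansion site, which deserves a one-line comment above the definitions. Making the macros yield the result and writing the `return` at each call site keeps the control flow visible.

```c
#define do_path_check(ops) \
({ \
	struct qtreq_##ops *req = TOREQ; \
	check_string(req->path, sizeof(req->path)) ? QTFS_CHECK_ERR : QTFS_CHECK_OK; \
})

#define do_fd_check(ops) \
({ \
	struct qtreq_##ops *req = TOREQ; \
	check_fd(req->fd) ? QTFS_CHECK_ERR : QTFS_CHECK_OK; \
})

int req_check_mount(void *in)
{
	return do_path_check(mount);
}
```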
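Review bot: The new NULL test in check_string fails open. The function returns `true` for a bad string (`str[max - 1] != '\0'`) and callers map `true` to QTFS_CHECK_ERR, so `if (str == NULL || max == 0) return false;` reports a NULL pointer as a valid string. Current callers pass an array member, so this is not reachable today, but a validation helper should reject what it cannot inspect: `if (str == NULL || max == 0) return true;`. The rest of the function is outside the hunk; it would also help to document the inverted meaning of the return value in the comment above it.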
@@ -111,26 +118,17 @@ int req_check_readdir(void *in) int req_check_mkdir(void *in) { - struct qtreq_mkdir *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(mkdir); } int req_check_rmdir(void *in) { - struct qtreq_rmdir *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(rmdir); } int req_check_getattr(void *in) { - struct qtreq_getattr *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(getattr); } int req_check_setattr(void *in) @@ -143,26 +141,17 @@ int req_check_setattr(void *in) int req_check_icreate(void *in) { - struct qtreq_icreate *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(icreate); } int req_check_mknod(void *in) { - struct qtreq_mknod *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(mknod); } int req_check_unlink(void *in) { - struct qtreq_unlink *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(unlink); } int req_check_symlink(void *in) @@ -195,10 +184,7 @@ int req_check_link(void *in) int req_check_getlink(void *in) { - struct qtreq_getlink *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(getlink); } int req_check_rename(void *in) @@ -216,10 +202,7 @@ int req_check_rename(void *in) } int req_check_xattrlist(void *in) { - struct qtreq_xattrlist *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(xattrlist); } int req_check_xattrget(void *in) 
@@ -277,18 +260,12 @@ int req_check_sysumount(void *in) int req_check_fifopoll(void *in) { - struct qtreq_poll *req = TOREQ; - if (check_fd(req->fd)) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_fd_check(poll); } int req_check_statfs(void *in) { - struct qtreq_statfs *req = TOREQ; - if (check_string(req->path, sizeof(req->path))) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_path_check(statfs); } int req_check_ioctl(void *in) @@ -303,18 +280,12 @@ int req_check_ioctl(void *in) int req_check_epoll_ctl(void *in) { - struct qtreq_epollctl *req = TOREQ; - if (check_fd(req->fd)) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_fd_check(epollctl); } int req_check_llseek(void *in) { - struct qtreq_llseek *req = TOREQ; - if (check_fd(req->fd)) - return QTFS_CHECK_ERR; - return QTFS_CHECK_OK; + do_fd_check(llseek); } int req_check_sc_kill(void *in) diff --git a/qtfs/rexec/rexec.c b/qtfs/rexec/rexec.c index e24c0ad..f905cfa 100644 --- a/qtfs/rexec/rexec.c +++ b/qtfs/rexec/rexec.c @@ -150,7 +150,7 @@ static int rexec_conn_msg(struct rexec_client_event *evt) rexec_err("Rexec pidmap msg > 1 error."); return REXEC_EVENT_OK; } - sprintf(path, "%s/%d", REXEC_PIDMAP_PATH, mypid); + snprintf(path, REXEC_PIDMAP_PATH_LEN, "%s/%d", REXEC_PIDMAP_PATH, mypid); fd = open(path, O_CREAT|O_WRONLY, 0600); if (fd < 0) { rexec_err("Rexec create pidmap:%d-%d failed, path:%s open failed:%d", @@ -170,7 +170,7 @@ static int rexec_conn_msg(struct rexec_client_event *evt) rexec_err("Rexec pidmap file:%s lseek 0 failed errno:%d rexec exit", path, err); return REXEC_EVENT_EXIT; } - sprintf(buf, "%d", peerpid); + snprintf(buf, REXEC_PID_LEN, "%d", peerpid); if ((err = write(fd, buf, strlen(buf))) <= 0) { rexec_err("Rexec pidmap file:%s write pid:%d failed errno:%d rexec exit.", path, peerpid, err); return REXEC_EVENT_EXIT; 
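Review bot: None of the new snprintf calls in rexec.c check for truncation, and the result is then used as a real path. In rexec_conn_msg it goes to `open(path, O_CREAT|O_WRONLY, 0600)`, in the rexec_run hunk to `remove(path)`, and in rexec_clear_pids and rexec_get_fdinfo to `open` and `readlink` with a directory entry name appended. A shortened pid path can name a different pidmap file than intended, so I would treat `n < 0 || (size_t)n >= sizeof(path)` as an error and skip the file operation. The literal `32` in `snprintf(path, 32, ...)` should be `sizeof(path)` (the `char path[32]` declaration is visible in rexec_run) so the bound cannot drift from the buffer; the same applies to `REXEC_PIDMAP_PATH_LEN` and `REXEC_PID_LEN` wherever the destination is a local array.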
@@ -316,7 +316,7 @@ static int rexec_run(int efd, int connfd, char *argv[]) // clear pidmap file if (pidfd > 0) { char path[32] = {0}; - sprintf(path, "%s/%d", REXEC_PIDMAP_PATH, getpid()); + snprintf(path, 32, "%s/%d", REXEC_PIDMAP_PATH, getpid()); close(pidfd); remove(path); } @@ -357,7 +357,7 @@ void rexec_clear_pids() continue; memset(path, 0, sizeof(path)); - sprintf(path, "%s/%s", REXEC_PIDMAP_PATH, entry->d_name); + snprintf(path, REXEC_PIDMAP_PATH_LEN, "%s/%s", REXEC_PIDMAP_PATH, entry->d_name); fd = open(path, O_RDONLY); if (fd <= 0) { rexec_err("open pid file:%s failed", path); @@ -401,7 +401,7 @@ static int rexec_get_fdinfo(struct dirent *fdentry, struct rexec_fdinfo *fdinfo) return -1; if (!rexec_is_reg_file(fd)) return -1; - sprintf(path, "/proc/self/fd/%s", fdentry->d_name); + snprintf(path, 32, "/proc/self/fd/%s", fdentry->d_name); ret = readlink(path, fdinfo->path, REXEC_PATH_MAX); if (ret < 0) { rexec_err("Get fd:%d link failed.", fd); @@ -624,6 +624,7 @@ static int rexec_send_binary_msg(int efd, int argc, char *argv[], int arglen, ch pmsg->argc = argc - 1; // for remote binary's argc is argc-1 // pmsg->msg is like: "binary"\0"argv[1]"\0"argv[2]"\0"..." pmsg->msglen = rexec_msg_fill_argv(pmsg->argc, &argv[1], bufmsg); + // bufmsg len has been calculated to make sure it will not overflow. strcpy(&bufmsg[pmsg->msglen], fds_json); pmsg->msglen += strlen(fds_json); free(fds_json); -- 2.37.1 (Apple Git-137.1)
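Review bot: The comment added in rexec_send_binary_msg asserts that `bufmsg` cannot overflow, but the `strcpy(&bufmsg[pmsg->msglen], fds_json)` below it still depends on a size calculation outside this hunk, and nothing enforces it at the copy. I would make the invariant explicit: take `size_t jlen = strlen(fds_json);`, compare `pmsg->msglen + jlen + 1` with the capacity `bufmsg` was allocated with, and copy with `memcpy(&bufmsg[pmsg->msglen], fds_json, jlen + 1);`. That also removes the second `strlen(fds_json)` and keeps the copy safe if the earlier length computation changes.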