VFS: Use safe string copy functions
This commit is contained in:
Thomas Veerman
parent
1d48c0148e
commit
77dbd766c1
|
|
@ -83,7 +83,7 @@ void fs_sendmore(struct vmnt *vmp)
|
|||
worker->w_next = NULL;
|
||||
sending--;
|
||||
assert(sending >= 0);
|
||||
sendmsg(vmp, worker->w_job.j_fp);
|
||||
(void) sendmsg(vmp, worker->w_job.j_fp);
|
||||
}
|
||||
|
||||
/*===========================================================================*
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ int do_mapdriver()
|
|||
* map_driver *
|
||||
*===========================================================================*/
|
||||
int map_driver(label, major, proc_nr_e, style, flags)
|
||||
const char *label; /* name of the driver */
|
||||
const char label[LABEL_MAX]; /* name of the driver */
|
||||
int major; /* major number of the device */
|
||||
endpoint_t proc_nr_e; /* process number of the driver */
|
||||
int style; /* style of the device */
|
||||
|
|
@ -120,7 +120,7 @@ int flags; /* device flags */
|
|||
len = strlen(label);
|
||||
if (len+1 > sizeof(dp->dmap_label))
|
||||
panic("VFS: map_driver: label too long: %d", len);
|
||||
strcpy(dp->dmap_label, label);
|
||||
strlcpy(dp->dmap_label, label, LABEL_MAX);
|
||||
}
|
||||
|
||||
/* Store driver I/O routines based on type of device */
|
||||
|
|
|
|||
|
|
@ -140,7 +140,7 @@ static int get_read_vp(struct vfs_exec_info *execi,
|
|||
char *cp = strrchr(fullpath, '/');
|
||||
if(cp) cp++;
|
||||
else cp = fullpath;
|
||||
strncpy(execi->args.progname, cp, sizeof(execi->args.progname)-1);
|
||||
strlcpy(execi->args.progname, cp, sizeof(execi->args.progname));
|
||||
execi->args.progname[sizeof(execi->args.progname)-1] = '\0';
|
||||
}
|
||||
|
||||
|
|
@ -243,7 +243,7 @@ int pm_exec(endpoint_t proc_e, vir_bytes path, size_t path_len,
|
|||
|
||||
/* Get the exec file name. */
|
||||
FAILCHECK(fetch_name(path, path_len, fullpath));
|
||||
strcpy(finalexec, fullpath);
|
||||
strlcpy(finalexec, fullpath, PATH_MAX);
|
||||
|
||||
/* Get_read_vp will return an opened vn in execi.
|
||||
* if necessary it releases the existing vp so we can
|
||||
|
|
@ -261,9 +261,9 @@ int pm_exec(endpoint_t proc_e, vir_bytes path, size_t path_len,
|
|||
* args to stack and retrieve the new binary
|
||||
* name into fullpath.
|
||||
*/
|
||||
FAILCHECK(fetch_name(path, path_len, fullpath));
|
||||
FAILCHECK(fetch_name(path, path_len, fullpath));
|
||||
FAILCHECK(patch_stack(execi.vp, mbuf, &frame_len, fullpath));
|
||||
strcpy(finalexec, fullpath);
|
||||
strlcpy(finalexec, fullpath, PATH_MAX);
|
||||
Get_read_vp(execi, fullpath, 1, 0, &resolve, fp);
|
||||
}
|
||||
|
||||
|
|
@ -287,13 +287,13 @@ int pm_exec(endpoint_t proc_e, vir_bytes path, size_t path_len,
|
|||
}
|
||||
|
||||
/* Remember it */
|
||||
strcpy(execi.execname, finalexec);
|
||||
strlcpy(execi.execname, finalexec, PATH_MAX);
|
||||
|
||||
/* The executable we need to execute first (loader)
|
||||
* is in elf_interpreter, and has to be in fullpath to
|
||||
* be looked up
|
||||
*/
|
||||
strcpy(fullpath, elf_interpreter);
|
||||
strlcpy(fullpath, elf_interpreter, PATH_MAX);
|
||||
Get_read_vp(execi, fullpath, 0, 0, &resolve, fp);
|
||||
}
|
||||
|
||||
|
|
@ -344,7 +344,7 @@ int pm_exec(endpoint_t proc_e, vir_bytes path, size_t path_len,
|
|||
}
|
||||
|
||||
/* Remember the new name of the process */
|
||||
strcpy(rfp->fp_name, execi.args.progname);
|
||||
strlcpy(rfp->fp_name, execi.args.progname, PROC_NAME_LEN);
|
||||
|
||||
pm_execfinal:
|
||||
if (execi.vp != NULL) {
|
||||
|
|
@ -440,7 +440,7 @@ static int stack_prepare_elf(struct vfs_exec_info *execi, char *frame, size_t *f
|
|||
|
||||
/* Empty space starts here; we can put the name here. */
|
||||
spacestart = (char *) a;
|
||||
strcpy(spacestart, execi->execname);
|
||||
strlcpy(spacestart, execi->execname, PATH_MAX);
|
||||
|
||||
/* What will the address of the string for the user be */
|
||||
userp = *newsp + (spacestart-frame);
|
||||
|
|
@ -585,7 +585,7 @@ int replace
|
|||
/* Reposition the strings by offset bytes */
|
||||
memmove(stack + a1 + offset, stack + a1, old_bytes - a1);
|
||||
|
||||
strcpy(stack + a0, arg); /* Put arg in the new space. */
|
||||
strlcpy(stack + a0, arg, PATH_MAX); /* Put arg in the new space. */
|
||||
|
||||
if (!replace) {
|
||||
/* Make space for a new argv[0]. */
|
||||
|
|
|
|||
|
|
@ -85,7 +85,8 @@ void init_filps(void)
|
|||
struct filp *f;
|
||||
|
||||
for (f = &filp[0]; f < &filp[NR_FILPS]; f++) {
|
||||
mutex_init(&f->filp_lock, NULL);
|
||||
if (mutex_init(&f->filp_lock, NULL) != 0)
|
||||
panic("Failed to initialize filp mutex");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -237,7 +237,7 @@ int do_rename()
|
|||
put_vnode(old_dirp);
|
||||
return(ENAMETOOLONG);
|
||||
}
|
||||
strcpy(old_name, fullpath);
|
||||
strlcpy(old_name, fullpath, PATH_MAX);
|
||||
|
||||
/* See if 'name2' (new name) exists. Get dir inode */
|
||||
lookup_init(&resolve, fullpath, PATH_NOFLAGS, &newvmp, &new_dirp);
|
||||
|
|
|
|||
|
|
@ -138,6 +138,7 @@ int do_dup()
|
|||
unlock_filp(f); /* or it might deadlock on do_close */
|
||||
(void) close_fd(fp, rfd2); /* cannot fail */
|
||||
f = get_filp(rfd, VNODE_READ); /* lock old_fd again */
|
||||
if (f == NULL) return(err_code);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -661,7 +662,8 @@ int do_svrctl()
|
|||
r = OK;
|
||||
} else if (!strcmp(search_key, "active_threads")) {
|
||||
int active = NR_WTHREADS - worker_available();
|
||||
sprintf(small_buf, "%d", active);
|
||||
snprintf(small_buf, sizeof(small_buf) - 1,
|
||||
"%d", active);
|
||||
sysgetenv.vallen = strlen(small_buf);
|
||||
r = OK;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -317,7 +317,7 @@ char mount_label[LABEL_MAX] )
|
|||
* Nothing else can go wrong. Perform the mount. */
|
||||
new_vmp->m_root_node = root_node;
|
||||
new_vmp->m_mounted_on = NULL;
|
||||
strcpy(new_vmp->m_label, mount_label);
|
||||
strlcpy(new_vmp->m_label, mount_label, LABEL_MAX);
|
||||
if (is_nonedev(dev)) alloc_nonedev(dev);
|
||||
update_bspec(dev, fs_e, 0 /* Don't send new driver endpoint */);
|
||||
|
||||
|
|
@ -364,7 +364,7 @@ char mount_label[LABEL_MAX] )
|
|||
/* Nothing else can go wrong. Perform the mount. */
|
||||
new_vmp->m_mounted_on = vp;
|
||||
new_vmp->m_root_node = root_node;
|
||||
strcpy(new_vmp->m_label, mount_label);
|
||||
strlcpy(new_vmp->m_label, mount_label, LABEL_MAX);
|
||||
|
||||
/* Allocate the pseudo device that was found, if not using a real device. */
|
||||
if (is_nonedev(dev)) alloc_nonedev(dev);
|
||||
|
|
@ -404,7 +404,7 @@ void mount_pfs(void)
|
|||
|
||||
vmp->m_dev = dev;
|
||||
vmp->m_fs_e = PFS_PROC_NR;
|
||||
strcpy(vmp->m_label, "pfs");
|
||||
strlcpy(vmp->m_label, "pfs", LABEL_MAX);
|
||||
|
||||
rfp = &fproc[_ENDPOINT_P(PFS_PROC_NR)];
|
||||
rfp->fp_flags |= FP_SYS_PROC; /* PFS is a driver and an FS */
|
||||
|
|
@ -447,7 +447,7 @@ int do_umount(void)
|
|||
*/
|
||||
if (strlen(label) >= M3_LONG_STRING) /* should never evaluate to true */
|
||||
label[M3_LONG_STRING-1] = 0;
|
||||
strcpy(m_out.umount_label, label);
|
||||
strlcpy(m_out.umount_label, label, M3_LONG_STRING);
|
||||
return(OK);
|
||||
}
|
||||
|
||||
|
|
@ -457,7 +457,7 @@ int do_umount(void)
|
|||
*===========================================================================*/
|
||||
int unmount(
|
||||
dev_t dev, /* block-special device */
|
||||
char *label /* buffer to retrieve label, or NULL */
|
||||
char label[LABEL_MAX] /* buffer to retrieve label, or NULL */
|
||||
)
|
||||
{
|
||||
struct vnode *vp;
|
||||
|
|
@ -510,7 +510,7 @@ int unmount(
|
|||
|
||||
if (is_nonedev(vmp->m_dev)) free_nonedev(vmp->m_dev);
|
||||
|
||||
if (label != NULL) strcpy(label, vmp->m_label);
|
||||
if (label != NULL) strlcpy(label, vmp->m_label, LABEL_MAX);
|
||||
|
||||
if (vmp->m_root_node) { /* PFS lacks a root node */
|
||||
vmp->m_root_node->v_ref_count = 0;
|
||||
|
|
|
|||
|
|
@ -209,16 +209,16 @@ struct fproc *rfp;
|
|||
/* Just an entry in the current working directory. Prepend
|
||||
* "./" in front of the path and resolve it.
|
||||
*/
|
||||
strncpy(dir_entry, resolve->l_path, NAME_MAX);
|
||||
strlcpy(dir_entry, resolve->l_path, NAME_MAX+1);
|
||||
dir_entry[NAME_MAX] = '\0';
|
||||
resolve->l_path[0] = '.';
|
||||
resolve->l_path[1] = '\0';
|
||||
} else if (cp[1] == '\0') {
|
||||
/* Path ends in a slash. The directory entry is '.' */
|
||||
strcpy(dir_entry, ".");
|
||||
strlcpy(dir_entry, ".", NAME_MAX+1);
|
||||
} else {
|
||||
/* A path name for the directory and a directory entry */
|
||||
strncpy(dir_entry, cp+1, NAME_MAX);
|
||||
strlcpy(dir_entry, cp+1, NAME_MAX+1);
|
||||
cp[1] = '\0';
|
||||
dir_entry[NAME_MAX] = '\0';
|
||||
}
|
||||
|
|
@ -243,7 +243,7 @@ struct fproc *rfp;
|
|||
* symlink, then we're not at the last directory, yet. */
|
||||
|
||||
/* Copy the directory entry back to user_fullpath */
|
||||
strncpy(resolve->l_path, dir_entry, NAME_MAX + 1);
|
||||
strlcpy(resolve->l_path, dir_entry, NAME_MAX + 1);
|
||||
|
||||
/* Look up the directory entry, but do not follow the symlink when it
|
||||
* is one.
|
||||
|
|
@ -323,7 +323,7 @@ struct fproc *rfp;
|
|||
}
|
||||
|
||||
/* Copy the directory entry back to user_fullpath */
|
||||
strncpy(resolve->l_path, dir_entry, NAME_MAX + 1);
|
||||
strlcpy(resolve->l_path, dir_entry, NAME_MAX + 1);
|
||||
|
||||
/* Turn PATH_RET_SYMLINK flag back on if it was on */
|
||||
if (ret_on_symlink) resolve->l_flags |= PATH_RET_SYMLINK;
|
||||
|
|
@ -571,7 +571,7 @@ char ename[NAME_MAX + 1];
|
|||
cur = (struct dirent *) (buf + consumed);
|
||||
if (entry->v_inode_nr == cur->d_ino) {
|
||||
/* found the entry we were looking for */
|
||||
strncpy(ename, cur->d_name, NAME_MAX);
|
||||
strlcpy(ename, cur->d_name, NAME_MAX+1);
|
||||
ename[NAME_MAX] = '\0';
|
||||
return(OK);
|
||||
}
|
||||
|
|
@ -601,7 +601,7 @@ struct fproc *rfp;
|
|||
struct lookup resolve;
|
||||
|
||||
dir_vp = NULL;
|
||||
strncpy(temp_path, orig_path, PATH_MAX);
|
||||
strlcpy(temp_path, orig_path, PATH_MAX);
|
||||
temp_path[PATH_MAX - 1] = '\0';
|
||||
|
||||
/* First resolve path to the last directory holding the file */
|
||||
|
|
@ -620,7 +620,7 @@ struct fproc *rfp;
|
|||
/* dir_vp points to dir and resolve path now contains only the
|
||||
* filename.
|
||||
*/
|
||||
strncpy(orig_path, temp_path, NAME_MAX); /* Store file name */
|
||||
strlcpy(orig_path, temp_path, NAME_MAX+1); /* Store file name */
|
||||
|
||||
/* check if the file is a symlink, if so resolve it */
|
||||
r = rdlink_direct(orig_path, temp_path, rfp);
|
||||
|
|
@ -629,7 +629,7 @@ struct fproc *rfp;
|
|||
break;
|
||||
|
||||
/* encountered a symlink -- loop again */
|
||||
strncpy(orig_path, temp_path, PATH_MAX - 1);
|
||||
strlcpy(orig_path, temp_path, PATH_MAX);
|
||||
symloop++;
|
||||
} while (symloop < SYMLOOP_MAX);
|
||||
|
||||
|
|
@ -646,7 +646,7 @@ struct fproc *rfp;
|
|||
* here we start building up the canonical path by climbing up the tree */
|
||||
while (dir_vp != rfp->fp_rd) {
|
||||
|
||||
strcpy(temp_path, "..");
|
||||
strlcpy(temp_path, "..", NAME_MAX+1);
|
||||
|
||||
/* check if we're at the root node of the file system */
|
||||
if (dir_vp->v_vmnt->m_root_node == dir_vp) {
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ int is_nonedev(dev_t dev);
|
|||
void mount_pfs(void);
|
||||
int mount_fs(dev_t dev, char fullpath[PATH_MAX+1], endpoint_t fs_e, int
|
||||
rdonly, char mount_label[LABEL_MAX]);
|
||||
int unmount(dev_t dev, char *label);
|
||||
int unmount(dev_t dev, char label[LABEL_MAX]);
|
||||
void unmount_all(void);
|
||||
|
||||
/* open.c */
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
#include <minix/endpoint.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
#include "file.h"
|
||||
#include "fproc.h"
|
||||
|
|
@ -44,11 +45,9 @@ inline int copy_name( size_t len, char *dest)
|
|||
|
||||
if (len <= M3_STRING) {
|
||||
/* Just copy the path from the message */
|
||||
unsigned int count = 0;
|
||||
rpu = &dest[0];
|
||||
rpm = job_m_in.pathname; /* contained in input message */
|
||||
for (count = 0; count <= len; count++)
|
||||
*rpu++ = *rpm++;
|
||||
strncpy(dest, job_m_in.pathname, len);
|
||||
} else {
|
||||
/* String is not contained in the message. */
|
||||
err_code = EINVAL;
|
||||
|
|
|
|||
Loading…
Reference in a new issue