Changes in / [c7c6afd:b6061f8c] in mainline

Files:

• common/stdc/uchar.c (modified) (4 diffs)
• common/str.c (modified) (12 diffs)
• uspace/app/sysinst/sysinst.c (modified) (1 diff)
• uspace/drv/block/isa-ide/main.c (modified) (2 diffs)
• uspace/drv/block/pci-ide/main.c (modified) (2 diffs)
• uspace/lib/c/test/adt/odict.c (modified) (1 diff)
• uspace/lib/c/test/str.c (modified) (2 diffs)

common/stdc/uchar.c

@@ -84 +84 @@
 }
 
+static bool _is_non_shortest(unsigned short cont, uint8_t b)
+{
+        return (cont == 0b1111110000000000 && !(b & 0b00100000)) ||
+            (cont == 0b1111111111110000 && !(b & 0b00110000));
+}
+
 size_t mbrtoc32(char32_t *c, const char *s, size_t n, mbstate_t *mb)
 {
@@ -139 +145 @@
 
                 if (_is_2_byte(b)) {
+                        /* Reject non-shortest form. */
+                        if (!(b & 0b00011110)) {
+                                _set_ilseq();
+                                return UCHAR_ILSEQ;
+                        }
+
                         /* 2 byte encoding               110xxxxx */
                         mb->continuation = b ^ 0b0000000011000000;
@@ -152 +164 @@
         }
 
-        while (i < n) {
+        for (; i < n; i++) {
                 /* Read continuation bytes. */
-
-                if (!_is_continuation(s[i])) {
+                uint8_t b = s[i];
+
+                if (!_is_continuation(b) || _is_non_shortest(mb->continuation, b)) {
                         _set_ilseq();
                         return UCHAR_ILSEQ;
@@ -162 +175 @@
                 /* Top bit becomes zero just before the last byte is shifted in. */
                 if (!(mb->continuation & 0x8000)) {
-                        *c = ((char32_t) mb->continuation) << 6 | (s[i++] & 0x3f);
+                        *c = ((char32_t) mb->continuation) << 6 | (b & 0x3f);
                         mb->continuation = 0;
-                        return i;
-                }
-
-                mb->continuation = mb->continuation << 6 | (s[i++] & 0x3f);
+                        return ++i;
+                }
+
+                mb->continuation = mb->continuation << 6 | (b & 0x3f);
         }
 

common/str.c

@@ -156 +156 @@
 static inline int _char_continuation_bytes(char32_t c)
 {
+        if ((c & ~LO_MASK_32(7)) == 0)
+                return 0;
+
         if ((c & ~LO_MASK_32(11)) == 0)
                 return 1;
@@ -207 +210 @@
 char32_t str_decode(const char *str, size_t *offset, size_t size)
 {
-        if (*offset + 1 > size)
+        if (*offset >= size)
                 return 0;
 
@@ -223 +226 @@
         /* Determine code length */
 
-        unsigned int cbytes = _continuation_bytes(b0);
-        unsigned int b0_bits = 6 - cbytes;  /* Data bits in first byte */
-
-        if (*offset + cbytes > size)
+        int cbytes = _continuation_bytes(b0);
+        int b0_bits = 6 - cbytes;  /* Data bits in first byte */
+
+        if (cbytes < 0 || *offset + cbytes > size)
                 return U_SPECIAL;
 
@@ -232 +235 @@
 
         /* Decode continuation bytes */
-        while (cbytes > 0) {
-                uint8_t b = (uint8_t) str[(*offset)++];
+        for (int i = 0; i < cbytes; i++) {
+                uint8_t b = (uint8_t) str[*offset];
 
                 if (!_is_continuation_byte(b))
                         return U_SPECIAL;
 
+                (*offset)++;
+
                 /* Shift data bits to ch */
                 ch = (ch << CONT_BITS) | (char32_t) (b & LO_MASK_8(CONT_BITS));
-                cbytes--;
-        }
+        }
+
+        /*
+         * Reject non-shortest form encodings.
+         * See https://www.unicode.org/versions/corrigendum1.html
+         */
+        if (cbytes != _char_continuation_bytes(ch))
+                return U_SPECIAL;
 
         return ch;
@@ -345 +356 @@
 
 /* Convert in place any bytes that don't form a valid character into U_SPECIAL. */
-static void _repair_string(char *str, size_t n)
-{
-        for (; *str && n > 0; str++, n--) {
-                int cont = _continuation_bytes(*str);
-                if (cont == 0)
+static void _sanitize_string(char *str, size_t n)
+{
+        uint8_t *b = (uint8_t *) str;
+
+        for (; *b && n > 0; b++, n--) {
+                int cont = _continuation_bytes(b[0]);
+                if (__builtin_expect(cont, 0) == 0)
                         continue;
 
                 if (cont < 0 || n <= (size_t) cont) {
-                        *str = U_SPECIAL;
+                        b[0] = U_SPECIAL;
                         continue;
                 }
 
+                /* Check continuation bytes. */
                 for (int i = 1; i <= cont; i++) {
-                        if (!_is_continuation_byte(str[i])) {
-                                *str = U_SPECIAL;
+                        if (!_is_continuation_byte(b[i])) {
+                                b[0] = U_SPECIAL;
                                 continue;
                         }
+                }
+
+                /*
+                 * Check for non-shortest form encoding.
+                 * See https://www.unicode.org/versions/corrigendum1.html
+                 */
+
+                switch (cont) {
+                case 1:
+                        /* 0b110!!!!x 0b10xxxxxx */
+                        if (!(b[0] & 0b00011110))
+                                b[0] = U_SPECIAL;
+
+                        continue;
+                case 2:
+                        /* 0b1110!!!! 0b10!xxxxx 0b10xxxxxx */
+                        if (!(b[0] & 0b00001111) && !(b[1] & 0b00100000))
+                                b[0] = U_SPECIAL;
+
+                        continue;
+                case 3:
+                        /* 0b11110!!! 0b10!!xxxx 0b10xxxxxx 0b10xxxxxx */
+                        if (!(b[0] & 0b00000111) && !(b[1] & 0b00110000))
+                                b[0] = U_SPECIAL;
+
+                        continue;
                 }
         }
@@ -881 +921 @@
 static void _str_cpyn(char *dest, size_t size, const char *src)
 {
+        assert(dest && src && size);
+
+        if (!dest || !src || !size)
+                return;
+
+        if (size == STR_NO_LIMIT)
+                return _str_cpy(dest, src);
+
         char *dest_top = dest + size - 1;
+        assert(size == 1 || dest < dest_top);
 
         while (*src && dest < dest_top)
@@ -907 +956 @@
         assert(src != NULL);
         assert(dest != NULL);
+        assert(size == STR_NO_LIMIT || dest + size > dest);
 
         /* Copy data. */
@@ -912 +962 @@
 
         /* In-place translate invalid bytes to U_SPECIAL. */
-        _repair_string(dest, size);
+        _sanitize_string(dest, size);
 }
 
@@ -941 +991 @@
 
         /* In-place translate invalid bytes to U_SPECIAL. */
-        _repair_string(dest, size);
+        _sanitize_string(dest, size);
 }
 
@@ -960 +1010 @@
         assert(dest != NULL);
         assert(size > 0);
+        assert(size == STR_NO_LIMIT || dest + size > dest);
 
         size_t dstr_size = _str_nsize(dest, size);
-        _str_cpyn(dest + dstr_size, size - dstr_size, src);
-        _repair_string(dest + dstr_size, size - dstr_size);
+        if (dstr_size < size) {
+                _str_cpyn(dest + dstr_size, size - dstr_size, src);
+                _sanitize_string(dest + dstr_size, size - dstr_size);
+        }
 }
 
@@ -1540 +1593 @@
                 return NULL;
 
-        _str_cpy(dest, src);
-        _repair_string(dest, size);
+        memcpy(dest, src, size);
+        _sanitize_string(dest, size);
         return dest;
 }
@@ -1567 +1620 @@
 char *str_ndup(const char *src, size_t n)
 {
-        size_t size = _str_nsize(src, n) + 1;
-
-        char *dest = malloc(size);
+        size_t size = _str_nsize(src, n);
+
+        char *dest = malloc(size + 1);
         if (!dest)
                 return NULL;
 
-        _str_cpyn(dest, size, src);
-        _repair_string(dest, size);
+        memcpy(dest, src, size);
+        _sanitize_string(dest, size);
+        dest[size] = 0;
         return dest;
 }

uspace/app/sysinst/sysinst.c

@@ -72 +72 @@
  */
 #define DEFAULT_DEV_0 "devices/\\hw\\sys\\00:01.1\\c0d0"
-#define DEFAULT_DEV_1 "devices/\\hw\\sys\\00:01.0\\ide1\\c0d0"
+#define DEFAULT_DEV_1 "devices/\\hw\\sys\\ide1\\c0d0"
 //#define DEFAULT_DEV "devices/\\hw\\pci0\\00:01.2\\uhci_rh\\usb01_a1\\mass-storage0\\l0"
 /** Volume label for the new file system */

uspace/drv/block/isa-ide/main.c

@@ -169 +169 @@
         isa_ide_ctrl_t *ctrl;
         isa_ide_hwres_t res;
+        unsigned chans;
         errno_t rc;
 
@@ -187 +188 @@
         ctrl->dev = dev;
 
+        chans = 0;
+
         rc = isa_ide_channel_init(ctrl, &ctrl->channel[0], 0, &res);
-        if (rc == ENOENT)
+        if (rc == EOK)
+                ++chans;
+        else if (rc != ENOENT)
                 goto error;
 
         rc = isa_ide_channel_init(ctrl, &ctrl->channel[1], 1, &res);
-        if (rc == ENOENT)
-                goto error;
-
-        if (rc != EOK) {
-                ddf_msg(LVL_ERROR, "Failed initializing ATA controller.");
+        if (rc == EOK)
+                ++chans;
+        else if (rc != ENOENT)
+                goto error;
+
+        if (chans == 0) {
+                ddf_msg(LVL_ERROR, "No ISA IDE devices found.");
                 rc = EIO;
                 goto error;

uspace/drv/block/pci-ide/main.c

@@ -136 +136 @@
         pci_ide_hwres_t res;
         async_sess_t *parent_sess;
+        unsigned chans;
         errno_t rc;
 
@@ -157 +158 @@
                 goto error;
 
+        chans = 0;
+
         rc = pci_ide_channel_init(ctrl, &ctrl->channel[0], 0, &res);
-        if (rc == ENOENT)
+        if (rc == EOK)
+                ++chans;
+        else if (rc != ENOENT)
                 goto error;
 
         rc = pci_ide_channel_init(ctrl, &ctrl->channel[1], 1, &res);
-        if (rc == ENOENT)
-                goto error;
-
-        if (rc != EOK) {
-                ddf_msg(LVL_ERROR, "Failed initializing ATA controller.");
+        if (rc == EOK)
+                ++chans;
+        else if (rc != ENOENT)
+                goto error;
+
+        if (chans == 0) {
+                ddf_msg(LVL_ERROR, "No PCI IDE devices found.");
                 rc = EIO;
                 goto error;

uspace/lib/c/test/adt/odict.c

@@ -233 +233 @@
 
                 e->key = v;
-                odict_insert(&e->odict, &odict, &ep->odict);
+                odict_insert(&e->odict, &odict, ep ? &ep->odict : NULL);
                 PCUT_ASSERT_ERRNO_VAL(EOK, odict_validate(&odict));
                 v = seq_next(v);

uspace/lib/c/test/str.c

@@ -27 +27 @@
  */
 
+#include "pcut/asserts.h"
 #include <stdio.h>
 #include <str.h>
@@ -115 +116 @@
 }
 
+PCUT_TEST(str_non_shortest)
+{
+        /* Overlong zero. */
+        const char overlong1[] = { 0b11000000, 0b10000000, 0 };
+        const char overlong2[] = { 0b11100000, 0b10000000, 0 };
+        const char overlong3[] = { 0b11110000, 0b10000000, 0 };
+
+        const char overlong4[] = { 0b11000001, 0b10111111, 0 };
+        const char overlong5[] = { 0b11100000, 0b10011111, 0b10111111, 0 };
+        const char overlong6[] = { 0b11110000, 0b10001111, 0b10111111, 0b10111111, 0 };
+
+        size_t offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong1, &offset, sizeof(overlong1)));
+        offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong2, &offset, sizeof(overlong2)));
+        offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong3, &offset, sizeof(overlong3)));
+        offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong4, &offset, sizeof(overlong4)));
+        offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong5, &offset, sizeof(overlong5)));
+        offset = 0;
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, str_decode(overlong6, &offset, sizeof(overlong6)));
+
+        char sanitized[sizeof(overlong6)];
+        str_cpy(sanitized, STR_NO_LIMIT, overlong1);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+        str_cpy(sanitized, STR_NO_LIMIT, overlong2);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+        str_cpy(sanitized, STR_NO_LIMIT, overlong3);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+        str_cpy(sanitized, STR_NO_LIMIT, overlong4);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+        str_cpy(sanitized, STR_NO_LIMIT, overlong5);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+        str_cpy(sanitized, STR_NO_LIMIT, overlong6);
+        PCUT_ASSERT_INT_EQUALS(U_SPECIAL, sanitized[0]);
+}
+
 PCUT_EXPORT(str);