
chibios: Commit


Commit MetaInfo

Revision15356 (tree)
Time2022-01-14 05:02:03
Authorgdisirio

Log Message

More memory checking code.

Change Summary

Incremental Difference

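--- a/trunk/os/oslib/include/chmemchecks.h
+++ b/trunk/os/oslib/include/chmemchecks.h
@@ -80,9 +80,12 @@
 extern "C" {
 #endif
 #if CH_CFG_USE_MEMCHECKS == TRUE
- bool chMemIsStringWithinX(const memory_area_t *map,
- const char *s,
- size_t n);
+ size_t chMemIsStringWithinX(const memory_area_t *map,
+ const char *s,
+ size_t max);
+ size_t chMemIsPointersArrayWithinX(const memory_area_t *map,
+ const void *pp[],
+ size_t max);
 bool chMemIsSpaceContainedX(const memory_area_t areas[],
 const void *p,
 size_t size);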
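--- a/trunk/os/oslib/src/chmemchecks.c
+++ b/trunk/os/oslib/src/chmemchecks.c
@@ -94,30 +94,67 @@
 *
 * @param[in] map pointer to a @p memory_area_t structure
 * @param[in] s pointer to the string to be checked
- * @param[in] n maximum expected size of the string
- * @return The test result.
- * @retval true if the string is entirely contained within one of the
- * specified areas.
- * @retval false if the string check failed.
+ * @param[in] max maximum expected size of the string inclusive of the
+ * final zero
+ * @return The string size inclusive of the final zero.
+ * @retval 0 if the string check failed.
 *
 * @xclass
 */
-bool chMemIsStringWithinX(const memory_area_t *map, const char *s, size_t n) {
+size_t chMemIsStringWithinX(const memory_area_t *map,
+ const char *s,
+ size_t max) {
 const char *base = (const char *)map->base;
 const char *end = (const char *)base + map->size - (size_t)1;
 
 if (s >= base) {
- while ((s <= end) && (n > 0U)) {
- if (*s == '\0') {
- return true;
+ size_t n;
+
+ n = (size_t)0;
+ while ((s <= end) && (n < max)) {
+ n++;
+ if (*s++ == '\0') {
+ return n;
 }
+ }
+ }
 
- s++;
- n--;
+ return (size_t)0;
+}
+
+/**
+ * @brief Pointers array check.
+ * @details Checks if specified pointers array is entirely contained in the
+ * specified memory area.
+ *
+ * @param[in] map pointer to a @p memory_area_t structure
+ * @param[in] pp zero-terminated pointers array to be checked
+ * @param[in] max maximum expected size of the pointers array inclusive
+ * of the final zero
+ * @return The pointers array size inclusive of the final zero.
+ * @retval 0 if the pointers array check failed.
+ *
+ * @xclass
+ */
+size_t chMemIsPointersArrayWithinX(const memory_area_t *map,
+ const void *pp[],
+ size_t max) {
+ const void **base = (const void **)(void *)map->base;
+ const void **end = (const void **)(void *)(map->base + map->size - sizeof (void *));
+
+ if (pp >= base) {
+ size_t n;
+
+ n = (size_t)0;
+ while ((pp <= end) && (n < max)) {
+ n += sizeof (void *);
+ if (*pp++ == NULL) {
+ return n;
+ }
 }
 }
 
- return false;
+ return (size_t)0;
 }
 
 /**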
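Review bot: In chMemIsPointersArrayWithinX the loop tests `n < max` but then advances `n` by `sizeof (void *)`, so when `max` is not a multiple of the pointer size one extra element is read and the returned size can exceed `max`; sb_check_strings_array in sbhost.c later computes `max - n` from that value, which would wrap. Bounding the loop by the remaining budget keeps `n <= max`: `while ((pp <= end) && ((max - n) >= sizeof (void *))) {`. `pp` is also dereferenced with no alignment check, which matters if callers pass addresses they do not control (the sandbox host appears to); rejecting a `pp` that is not a multiple of `sizeof (void *)` before the loop would cover that. The `@param` text for `max` could state that the unit here is bytes, since the string variant counts characters and this one adds `sizeof (void *)` per element.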
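--- a/trunk/os/sb/host/sbhost.c
+++ b/trunk/os/sb/host/sbhost.c
@@ -61,7 +61,7 @@
 const sb_memory_region_t *rp = &sbcp->config->regions[0];
 
 do {
- if (chMemIsSpaceWithinX(&rp->area, start, size)) {
+ if (rp->used && chMemIsSpaceWithinX(&rp->area, start, size)) {
 return true;
 }
 rp++;
@@ -74,7 +74,7 @@
 const sb_memory_region_t *rp = &sbcp->config->regions[0];
 
 do {
- if (chMemIsSpaceWithinX(&rp->area, start, size)) {
+ if (rp->used && chMemIsSpaceWithinX(&rp->area, start, size)) {
 return rp->writeable;
 }
 rp++;
@@ -83,19 +83,59 @@
 return false;
 }
 
-bool sb_is_valid_string_range(sb_class_t *sbcp, const char *s, size_t n) {
+size_t sb_check_string(sb_class_t *sbcp, const char *s, size_t max) {
 const sb_memory_region_t *rp = &sbcp->config->regions[0];
 
 do {
- if (chMemIsStringWithinX(&rp->area, s, n)) {
- return true;
+ if (rp->used) {
+ size_t n = chMemIsStringWithinX(&rp->area, s, max);
+ if (n > (size_t)0) {
+ return n;
+ }
 }
 rp++;
 } while (rp < &sbcp->config->regions[SB_CFG_NUM_REGIONS]);
 
- return false;
+ return (size_t)0;
 }
 
+size_t sb_check_pointers_array(sb_class_t *sbcp, const void *pp[], size_t max) {
+ const sb_memory_region_t *rp = &sbcp->config->regions[0];
+
+ do {
+ if (rp->used) {
+ size_t an = chMemIsPointersArrayWithinX(&rp->area, pp, max);
+ if (an > (size_t)0) {
+ return an;
+ }
+ }
+ rp++;
+ } while (rp < &sbcp->config->regions[SB_CFG_NUM_REGIONS]);
+
+ return (size_t)0;
+}
+
+size_t sb_check_strings_array(sb_class_t *sbcp, const char *pp[], size_t max) {
+ const char *s;
+ size_t n;
+
+ n = sb_check_pointers_array(sbcp, (const void **)pp, max);
+ if (n > (size_t)0) {
+ while ((s = *pp++) != NULL) {
+ size_t sn;
+
+ sn = sb_check_string(sbcp, s, max - n);
+ if (sn == (size_t)0) {
+ return (size_t)0;
+ }
+
+ n += sn;
+ }
+ }
+
+ return n;
+}
+
 /**
 * @brief Sandbox object initialization.
 *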
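Review bot: sb_check_strings_array validates the pointer array and then walks it a second time with `while ((s = *pp++) != NULL)`, trusting that the terminator is still where the first pass found it. If the sandbox memory can change between the two passes (another thread in the same sandbox or a DMA transfer; not visible here), the second walk is no longer bounded by the range that was checked. Bounding it by the validated count removes that dependency: `size_t cnt = (n / sizeof (void *)) - (size_t)1;` before the loop and `while ((cnt-- > (size_t)0) && ((s = *pp++) != NULL)) {` as the loop head. The three new functions also carry no doc comments; a short header on each stating that `max` is a byte budget shared by the array and all its strings, and that a return of 0 means the check failed, would help callers use them correctly.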
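--- a/trunk/os/sb/host/sbhost.h
+++ b/trunk/os/sb/host/sbhost.h
@@ -94,7 +94,9 @@
 void port_syscall(struct port_extctx *ctxp, uint32_t n);
 bool sb_is_valid_read_range(sb_class_t *sbcp, const void *start, size_t size);
 bool sb_is_valid_write_range(sb_class_t *sbcp, void *start, size_t size);
- bool sb_is_valid_string_range(sb_class_t *sbcp, const char *s, size_t n);
+ size_t sb_check_string(sb_class_t *sbcp, const char *s, size_t max);
+ size_t sb_check_pointers_array(sb_class_t *sbcp, const void *pp[], size_t max);
+ size_t sb_check_strings_array(sb_class_t *sbcp, const char *pp[], size_t max);
 void sbObjectInit(sb_class_t *sbcp, const sb_config_t *config);
 thread_t *sbStartThread(sb_class_t *sbcp, const char *name,
 void *wsp, size_t size, tprio_t prio,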
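--- a/trunk/os/sb/host/sbposix.c
+++ b/trunk/os/sb/host/sbposix.c
@@ -92,7 +92,7 @@
 vfs_node_c *np = NULL;
 msg_t ret;
 
- if (!sb_is_valid_string_range(sbp, (void *)path, VFS_CFG_PATHLEN_MAX)) {
+ if (sb_check_string(sbp, (void *)path, VFS_CFG_PATHLEN_MAX + 1) == (size_t)0) {
 return CH_RET_EFAULT;
 }
 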