Skip to content

Commit

Permalink
Merge pull request #68 from douzzer/20241007-C23-fortify-source-llvm-…
Browse files Browse the repository at this point in the history 
…20-etc

20241007-C23-fortify-source-llvm-20-etc
  • Loading branch information
@philljj
philljj authored Oct 16, 2024
2 parents eb5cfb5 + 272586b commit 46af28f
Show file tree
Hide file tree
Showing 12 changed files with 392 additions and 277 deletions.
65 changes: 54 additions & 11 deletions Makefile.analyzers
View file

Large diffs are not rendered by default.

19 changes: 10 additions & 9 deletions src/actions.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ static wolfsentry_errcode_t wolfsentry_action_init_1(const char *label, int labe
if (label_len <= 0)
WOLFSENTRY_ERROR_RETURN(INVALID_ARG);

if (action_size < sizeof *action + (size_t)label_len + 1)
if (action_size < offsetof(struct wolfsentry_action, label) + (size_t)label_len + 1)
WOLFSENTRY_ERROR_RETURN(BUFFER_TOO_SMALL);

memset(&action->header, 0, sizeof action->header);
Expand Down Expand Up @@ -107,7 +107,7 @@ WOLFSENTRY_LOCAL wolfsentry_errcode_t wolfsentry_action_clone(
struct wolfsentry_table_ent_header **new_ent,
wolfsentry_clone_flags_t flags)
{
struct wolfsentry_action * const src_action = (struct wolfsentry_action * const)src_ent;
const struct wolfsentry_action * const src_action = (const struct wolfsentry_action * const)src_ent;
struct wolfsentry_action ** const new_action = (struct wolfsentry_action ** const)new_ent;
size_t new_size = sizeof *src_action + (size_t)(src_action->label_len) + 1;

Expand Down Expand Up @@ -178,11 +178,12 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_action_insert(

WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_action_delete(WOLFSENTRY_CONTEXT_ARGS_IN, const char *label, int label_len, wolfsentry_action_res_t *action_results) {
wolfsentry_errcode_t ret;
struct {
struct wolfsentry_action action;
byte buf[WOLFSENTRY_MAX_LABEL_BYTES+1];
} target;
struct wolfsentry_action *target_p = &target.action;
WOLFSENTRY_STACKBUF(
struct wolfsentry_action,
label,
WOLFSENTRY_MAX_LABEL_BYTES+1,
target);
struct wolfsentry_action *target_p = &target.target;

if ((label_len == 0) || (label == NULL))
WOLFSENTRY_ERROR_RETURN(INVALID_ARG);
Expand All @@ -195,12 +196,12 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_action_delete(WOLFSENTRY_CONTEXT_
WOLFSENTRY_ERROR_RETURN(STRING_ARG_TOO_LONG);
}

ret = wolfsentry_action_init_1(label, label_len, WOLFSENTRY_ACTION_FLAG_NONE, NULL, NULL, &target.action, sizeof target);
ret = wolfsentry_action_init_1(label, label_len, WOLFSENTRY_ACTION_FLAG_NONE, NULL, NULL, &target.target, sizeof target);
WOLFSENTRY_RERETURN_IF_ERROR(ret);

WOLFSENTRY_MUTEX_OR_RETURN();

target.action.header.parent_table = &wolfsentry->actions->header;
target.target.header.parent_table = &wolfsentry->actions->header;

if ((ret = wolfsentry_table_ent_delete(WOLFSENTRY_CONTEXT_ARGS_OUT, (struct wolfsentry_table_ent_header **)&target_p)) < 0)
goto out;
Expand Down
9 changes: 5 additions & 4 deletions src/addr_families.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,10 +264,11 @@ static wolfsentry_errcode_t wolfsentry_addr_family_get_byname_1(
struct wolfsentry_addr_family_bynumber **addr_family)
{
wolfsentry_errcode_t ret;
struct {
struct wolfsentry_addr_family_byname target;
byte buf[WOLFSENTRY_MAX_LABEL_BYTES];
} target;
WOLFSENTRY_STACKBUF(
struct wolfsentry_addr_family_byname,
name,
WOLFSENTRY_MAX_LABEL_BYTES,
target);

struct wolfsentry_addr_family_byname *addr_family_1 = &target.target;

Expand Down
17 changes: 9 additions & 8 deletions src/events.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ static wolfsentry_errcode_t wolfsentry_event_init_1(const char *label, int label
if (label_len <= 0)
WOLFSENTRY_ERROR_RETURN(INVALID_ARG);

if (event_size < sizeof *event + (size_t)label_len + 1)
if (event_size < offsetof(struct wolfsentry_event, label) + (size_t)label_len + 1)
WOLFSENTRY_ERROR_RETURN(BUFFER_TOO_SMALL);

memset(&event->header, 0, sizeof event->header);
Expand Down Expand Up @@ -134,7 +134,7 @@ WOLFSENTRY_LOCAL wolfsentry_errcode_t wolfsentry_event_clone_bare(
struct wolfsentry_table_ent_header ** const new_ent,
wolfsentry_clone_flags_t flags)
{
struct wolfsentry_event * const src_event = (struct wolfsentry_event * const)src_ent;
const struct wolfsentry_event * const src_event = (const struct wolfsentry_event * const)src_ent;
struct wolfsentry_event ** const new_event = (struct wolfsentry_event ** const)new_ent;
size_t new_size = sizeof *src_event + (size_t)(src_event->label_len) + 1;

Expand Down Expand Up @@ -316,11 +316,12 @@ WOLFSENTRY_API const struct wolfsentry_event *wolfsentry_event_get_aux_event(con

static wolfsentry_errcode_t wolfsentry_event_get_1(WOLFSENTRY_CONTEXT_ARGS_IN, const char *label, int label_len, struct wolfsentry_event **event) {
wolfsentry_errcode_t ret;
struct {
struct wolfsentry_event event;
byte buf[WOLFSENTRY_MAX_LABEL_BYTES];
} target;
struct wolfsentry_event *event_1 = &target.event;
WOLFSENTRY_STACKBUF(
struct wolfsentry_event,
label,
WOLFSENTRY_MAX_LABEL_BYTES,
target);
struct wolfsentry_event *event_1 = &target.target;

if (label_len == 0)
WOLFSENTRY_ERROR_RETURN(INVALID_ARG);
Expand All @@ -329,7 +330,7 @@ static wolfsentry_errcode_t wolfsentry_event_get_1(WOLFSENTRY_CONTEXT_ARGS_IN, c
if (label_len > WOLFSENTRY_MAX_LABEL_BYTES)
WOLFSENTRY_ERROR_RETURN(STRING_ARG_TOO_LONG);

ret = wolfsentry_event_init_1(label, label_len, 0, NULL, &target.event, sizeof target);
ret = wolfsentry_event_init_1(label, label_len, 0, NULL, &target.target, sizeof target);
WOLFSENTRY_RERETURN_IF_ERROR(ret);

ret = wolfsentry_table_ent_get(WOLFSENTRY_CONTEXT_ARGS_OUT, &wolfsentry->events->header, (struct wolfsentry_table_ent_header **)&event_1);
Expand Down
2 changes: 1 addition & 1 deletion src/json/centijson_value.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -839,7 +839,7 @@ json_value_string(const JSON_VALUE* v)
WOLFSENTRY_API size_t
json_value_string_length(const JSON_VALUE* v)
{
uint8_t* payload;
const uint8_t* payload;
size_t off = 0;
size_t len = 0;
unsigned shift = 0;
Expand Down
17 changes: 12 additions & 5 deletions src/json/load_config.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1902,9 +1902,11 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_config_json_feed(
WOLFSENTRY_SET_BITS(jps->load_flags, WOLFSENTRY_CONFIG_LOAD_FLAG_FINI);
if (err_buf) {
if (WOLFSENTRY_ERROR_DECODE_SOURCE_ID(jps->fini_ret) == WOLFSENTRY_SOURCE_ID_UNSET)
snprintf(err_buf, err_buf_size, "json_feed failed at offset %d, line %u, col %u, with centijson code " WOLFSENTRY_ERRCODE_FMT ": %s", (int)json_pos.offset, json_pos.line_number, json_pos.column_number, (int)jps->fini_ret, json_error_str(jps->fini_ret));
ret = snprintf(err_buf, err_buf_size, "json_feed failed at offset %d, line %u, col %u, with centijson code " WOLFSENTRY_ERRCODE_FMT ": %s", (int)json_pos.offset, json_pos.line_number, json_pos.column_number, (int)jps->fini_ret, json_error_str(jps->fini_ret));
else
snprintf(err_buf, err_buf_size, "json_feed failed at offset %d, line %u, col %u, with " WOLFSENTRY_ERROR_FMT, (int)json_pos.offset, json_pos.line_number, json_pos.column_number, WOLFSENTRY_ERROR_FMT_ARGS(jps->fini_ret));
ret = snprintf(err_buf, err_buf_size, "json_feed failed at offset %d, line %u, col %u, with " WOLFSENTRY_ERROR_FMT, (int)json_pos.offset, json_pos.line_number, json_pos.column_number, WOLFSENTRY_ERROR_FMT_ARGS(jps->fini_ret));
if (ret >= (int)err_buf_size)
err_buf[err_buf_size - 1] = 0;
}
WOLFSENTRY_ERROR_RERETURN(wolfsentry_centijson_errcode_translate(jps->fini_ret));
}
Expand Down Expand Up @@ -1941,9 +1943,14 @@ WOLFSENTRY_API wolfsentry_errcode_t wolfsentry_config_json_fini(
} else {
(*jps)->fini_ret = json_fini(&(*jps)->parser, &json_pos);
if ((*jps)->fini_ret < 0) {
if (err_buf != NULL)
snprintf(err_buf, err_buf_size, "json_fini failed at offset %d, line %u, col %u, with code " WOLFSENTRY_ERRCODE_FMT ": %s.",
(int)json_pos.offset,json_pos.line_number, json_pos.column_number, (int)(*jps)->fini_ret, json_error_str((*jps)->fini_ret));
if (err_buf != NULL) {
if (snprintf(err_buf, err_buf_size, "json_fini failed at offset %d, line %u, col %u, with code " WOLFSENTRY_ERRCODE_FMT ": %s.",
(int)json_pos.offset,json_pos.line_number, json_pos.column_number, (int)(*jps)->fini_ret, json_error_str((*jps)->fini_ret))
>= (int)err_buf_size)
{
err_buf[err_buf_size - 1] = 0;
}
}
ret = wolfsentry_centijson_errcode_translate((*jps)->fini_ret);
goto out;
}
Expand Down
Loading

0 comments on commit 46af28f

Please sign in to comment.