[BlueZ,4/4] lib/sdp: Pass size_t to sdp_get_string_attr()

Message ID	20231103182150.60088-5-verdre@v0yd.nl (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-bluetooth-owner@vger.kernel.org> From: =?utf-8?q?Jonas_Dre=C3=9Fler?= <verdre@v0yd.nl> To: linux-bluetooth@vger.kernel.org Cc: zbrown@gnome.org, =?utf-8?q?Jonas_Dre=C3=9Fler?= <verdre@v0yd.nl> Subject: [PATCH BlueZ 4/4] lib/sdp: Pass size_t to sdp_get_string_attr() Date: Fri, 3 Nov 2023 19:21:50 +0100 Message-ID: <20231103182150.60088-5-verdre@v0yd.nl> In-Reply-To: <20231103182150.60088-1-verdre@v0yd.nl> References: <20231103182150.60088-1-verdre@v0yd.nl> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Fix an allocation oversight in SDP parsing \| expand [BlueZ,0/4] Fix an allocation oversight in SDP parsing [BlueZ,1/4] lib/sdp: Allocate strings in sdp_data_t with NULL termination [BlueZ,2/4] lib/sdp: Don't assume uint8_t has size 1 [BlueZ,3/4] lib/sdp: Use correct string length in sdp_copy_seq() [BlueZ,4/4] lib/sdp: Pass size_t to sdp_get_string_attr()

Message ID

20231103182150.60088-5-verdre@v0yd.nl (mailing list archive)

State

New, archived

Headers

From: =?utf-8?q?Jonas_Dre=C3=9Fler?= <verdre@v0yd.nl>
To: linux-bluetooth@vger.kernel.org
Cc: zbrown@gnome.org, =?utf-8?q?Jonas_Dre=C3=9Fler?= <verdre@v0yd.nl>
Subject: [PATCH BlueZ 4/4] lib/sdp: Pass size_t to sdp_get_string_attr()
Date: Fri,  3 Nov 2023 19:21:50 +0100
Message-ID: <20231103182150.60088-5-verdre@v0yd.nl>
In-Reply-To: <20231103182150.60088-1-verdre@v0yd.nl>
References: <20231103182150.60088-1-verdre@v0yd.nl>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Fix an allocation oversight in SDP parsing | expand

Checks

Context	Check	Description
tedd_an/pre-ci_am	success	Success
tedd_an/CheckPatch	warning	WARNING:BAD_SIGN_OFF: Co-developed-by: must be immediately followed by Signed-off-by: #58: Co-developed-by: Zander Brown <zbrown@gnome.org> --- WARNING:LONG_LINE_COMMENT: line length of 91 exceeds 80 columns #80: FILE: lib/sdp.c:2189: + /* Have to copy the NULL terminator too, so check len < valuelen / WARNING:LONG_LINE: line length of 94 exceeds 80 columns #94: FILE: lib/sdp_lib.h:144: +int sdp_get_string_attr(const sdp_record_t rec, uint16_t attr, char value, size_t valuelen); WARNING:LONG_LINE: line length of 86 exceeds 80 columns #103: FILE: lib/sdp_lib.h:546: +static inline int sdp_get_service_name(const sdp_record_t rec, char str, size_t len) WARNING:LONG_LINE: line length of 86 exceeds 80 columns #109: FILE: lib/sdp_lib.h:551: +static inline int sdp_get_service_desc(const sdp_record_t rec, char str, size_t len) WARNING:LONG_LINE: line length of 87 exceeds 80 columns #115: FILE: lib/sdp_lib.h:556: +static inline int sdp_get_provider_name(const sdp_record_t rec, char str, size_t len) WARNING:LONG_LINE: line length of 81 exceeds 80 columns #121: FILE: lib/sdp_lib.h:561: +static inline int sdp_get_doc_url(const sdp_record_t rec, char str, size_t len) WARNING:LONG_LINE: line length of 87 exceeds 80 columns #127: FILE: lib/sdp_lib.h:566: +static inline int sdp_get_clnt_exec_url(const sdp_record_t rec, char str, size_t len) WARNING:LONG_LINE: line length of 82 exceeds 80 columns #133: FILE: lib/sdp_lib.h:571: +static inline int sdp_get_icon_url(const sdp_record_t rec, char *str, size_t len) /github/workspace/src/src/13444884.patch total: 0 errors, 9 warnings, 62 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. /github/workspace/src/src/13444884.patch has style problems, please review. NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS.
tedd_an/GitLint	success	Gitlint PASS
tedd_an/IncrementalBuild	success	Incremental Build PASS

Context

Check

Description

tedd_an/pre-ci_am

success

Success

tedd_an/CheckPatch

warning

WARNING:BAD_SIGN_OFF: Co-developed-by: must be immediately followed by Signed-off-by: #58: Co-developed-by: Zander Brown <zbrown@gnome.org> --- WARNING:LONG_LINE_COMMENT: line length of 91 exceeds 80 columns #80: FILE: lib/sdp.c:2189: + /* Have to copy the NULL terminator too, so check len < valuelen */ WARNING:LONG_LINE: line length of 94 exceeds 80 columns #94: FILE: lib/sdp_lib.h:144: +int sdp_get_string_attr(const sdp_record_t *rec, uint16_t attr, char *value, size_t valuelen); WARNING:LONG_LINE: line length of 86 exceeds 80 columns #103: FILE: lib/sdp_lib.h:546: +static inline int sdp_get_service_name(const sdp_record_t *rec, char *str, size_t len) WARNING:LONG_LINE: line length of 86 exceeds 80 columns #109: FILE: lib/sdp_lib.h:551: +static inline int sdp_get_service_desc(const sdp_record_t *rec, char *str, size_t len) WARNING:LONG_LINE: line length of 87 exceeds 80 columns #115: FILE: lib/sdp_lib.h:556: +static inline int sdp_get_provider_name(const sdp_record_t *rec, char *str, size_t len) WARNING:LONG_LINE: line length of 81 exceeds 80 columns #121: FILE: lib/sdp_lib.h:561: +static inline int sdp_get_doc_url(const sdp_record_t *rec, char *str, size_t len) WARNING:LONG_LINE: line length of 87 exceeds 80 columns #127: FILE: lib/sdp_lib.h:566: +static inline int sdp_get_clnt_exec_url(const sdp_record_t *rec, char *str, size_t len) WARNING:LONG_LINE: line length of 82 exceeds 80 columns #133: FILE: lib/sdp_lib.h:571: +static inline int sdp_get_icon_url(const sdp_record_t *rec, char *str, size_t len) /github/workspace/src/src/13444884.patch total: 0 errors, 9 warnings, 62 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. /github/workspace/src/src/13444884.patch has style problems, please review. NOTE: Ignored message types: COMMIT_MESSAGE COMPLEX_MACRO CONST_STRUCT FILE_PATH_CHANGES MISSING_SIGN_OFF PREFER_PACKED SPDX_LICENSE_TAG SPLIT_STRING SSCANF_TO_KSTRTO NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS.

tedd_an/GitLint

success

Gitlint PASS

tedd_an/IncrementalBuild

success

Incremental Build PASS

Commit Message

Jonas Dreßler Nov. 3, 2023, 6:21 p.m. UTC

We're currently type-casting the output of strlen(sdpdata->val.str) into
an int, which is somewhat problematic given that strlen() can return
values larger than sizeof(int).

We can do better here and use size_t instead, so let's do that.

While at it, also add a comment explaining why the check here is "smaller
than" instead of "smaller than or equal".

Co-developed-by: Zander Brown <zbrown@gnome.org>
---
 lib/sdp.c     |  5 +++--
 lib/sdp_lib.h | 14 +++++++-------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/lib/sdp.c b/lib/sdp.c
index 4b10d8f67..cff7e09fb 100644
--- a/lib/sdp.c
+++ b/lib/sdp.c
@@ -2180,13 +2180,14 @@  int sdp_get_int_attr(const sdp_record_t *rec, uint16_t attrid, int *value)
 }
 
 int sdp_get_string_attr(const sdp_record_t *rec, uint16_t attrid, char *value,
-								int valuelen)
+								size_t valuelen)
 {
 	sdp_data_t *sdpdata = sdp_data_get(rec, attrid);
 	if (sdpdata)
 		/* Verify that it is what the caller expects */
 		if (SDP_IS_TEXT_STR(sdpdata->dtd))
-			if ((int) strlen(sdpdata->val.str) < valuelen) {
+			/* Have to copy the NULL terminator too, so check len < valuelen */
+			if (strlen(sdpdata->val.str) < valuelen) {
 				strcpy(value, sdpdata->val.str);
 				return 0;
 			}
diff --git a/lib/sdp_lib.h b/lib/sdp_lib.h
index 22776b678..91d46f59d 100644
--- a/lib/sdp_lib.h
+++ b/lib/sdp_lib.h
@@ -141,7 +141,7 @@  int sdp_general_inquiry(inquiry_info *ii, int dev_num, int duration, uint8_t *fo
 
 /* flexible extraction of basic attributes - Jean II */
 int sdp_get_int_attr(const sdp_record_t *rec, uint16_t attr, int *value);
-int sdp_get_string_attr(const sdp_record_t *rec, uint16_t attr, char *value, int valuelen);
+int sdp_get_string_attr(const sdp_record_t *rec, uint16_t attr, char *value, size_t valuelen);
 
 /*
  * Basic sdp data functions
@@ -543,32 +543,32 @@  int sdp_get_service_avail(const sdp_record_t *rec, uint8_t *svcAvail);
 int sdp_get_service_ttl(const sdp_record_t *rec, uint32_t *svcTTLInfo);
 int sdp_get_database_state(const sdp_record_t *rec, uint32_t *svcDBState);
 
-static inline int sdp_get_service_name(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_service_name(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_SVCNAME_PRIMARY, str, len);
 }
 
-static inline int sdp_get_service_desc(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_service_desc(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_SVCDESC_PRIMARY, str, len);
 }
 
-static inline int sdp_get_provider_name(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_provider_name(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_PROVNAME_PRIMARY, str, len);
 }
 
-static inline int sdp_get_doc_url(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_doc_url(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_DOC_URL, str, len);
 }
 
-static inline int sdp_get_clnt_exec_url(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_clnt_exec_url(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_CLNT_EXEC_URL, str, len);
 }
 
-static inline int sdp_get_icon_url(const sdp_record_t *rec, char *str, int len)
+static inline int sdp_get_icon_url(const sdp_record_t *rec, char *str, size_t len)
 {
 	return sdp_get_string_attr(rec, SDP_ATTR_ICON_URL, str, len);
 }