Convert from strlen to strnlen where appropriate #808

Closed
skliper opened this issue Feb 11, 2021 · 3 comments · Fixed by #810 or #774
@skliper
Contributor

skliper commented Feb 11, 2021

Is your feature request related to a problem? Please describe.
Per security standards strlen should be avoided if possible:

src/os/vxworks/src/os-impl-shell.c:        OS_write(fdCmd, Cmd, strlen(Cmd));
src/os/vxworks/src/os-impl-symtab.c:    if (strlen(name) >= OS_MAX_SYM_LEN)
src/os/shared/src/osapi-sockets.c:        len = strlen(sock->stream_name);
src/os/shared/src/osapi-sockets.c:        len = strlen(sock->stream_name);
src/os/shared/src/osapi-idmap.c:            name_len = strlen(record->name_entry);
src/os/shared/src/osapi-filesys.c:    mplen = strlen(filesys->virtual_mountpt);
src/os/shared/src/osapi-filesys.c:    if (strlen(dev_name) >= OS_FS_DEV_NAME_LEN)
src/os/shared/src/osapi-filesys.c:    VirtPathLen = strlen(VirtualPath);
src/os/shared/src/osapi-filesys.c:    if (strlen(name_ptr) >= OS_MAX_FILE_NAME)
src/os/shared/src/osapi-filesys.c:            SysMountPointLen = strlen(filesys->system_mountpt);
src/os/shared/src/osapi-filesys.c:            VirtPathBegin    = strlen(filesys->virtual_mountpt);

Describe the solution you'd like
Replace with strnlen where possible.

Describe alternatives you've considered
None

Additional context
Security analysis warning

Requester Info
Jacob Hageman - NASA/GSFC

skliper added this to the 6.0.0 milestone Feb 11, 2021
@jphickey
Contributor

Unfortunately strnlen() is not C99... otherwise would have done this a long time ago!

My recommendation is to use memchr() which returns a pointer to the null byte. If this returns non-null the string pointer can be subtracted which gets the length. It requires an extra local variable but memchr() is part of the ISO C standard so every platform should have this.

@skliper
Contributor Author

skliper commented Feb 11, 2021

That's what I get for copy pasting from a security analysis report, suggestion noted!

@jphickey
Contributor

We could always make an OSAL wrapper around memchr() to give ourselves a utility function that works like strnlen does. That would be easy. Maybe in os-common.c .... then even other stuff like CFE could use it too.

I can easily see that turning into a dumping ground for "functions the ISO C standard should have but doesn't"

jphickey added a commit to jphickey/osal that referenced this issue Feb 12, 2021
Create a wrapper around memchr() that mimics the non-C99 function
"strnlen()" which is in POSIX-2008.

Use this instead of strlen() whenever the string being checked
either originates in or will be copied into a fixed-length array buffer.
astrogeco added a commit that referenced this issue Feb 12, 2021
Fix #808, length-limited string length checks
jphickey pushed a commit to jphickey/osal that referenced this issue Aug 10, 2022
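
The memchr()-based wrapper discussed in the comments and in the commit message above, sketched as an added example; this is not the code from the referenced OSAL commits. The names `bounded_strlen`, `copy_name` and `DEMO_NAME_LEN` are hypothetical, and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DEMO_NAME_LEN 8 /* constructed limit, standing in for e.g. OS_MAX_SYM_LEN */

/* Hypothetical helper name. Returns the string length, or maxlen if no
 * terminator is found in the first maxlen bytes. maxlen must not exceed
 * the size of the buffer that s points to. */
static size_t bounded_strlen(const char *s, size_t maxlen)
{
    const char *end = memchr(s, '\0', maxlen);

    return (end != NULL) ? (size_t)(end - s) : maxlen;
}

/* Copy src (held in a buffer of src_size bytes) into a DEMO_NAME_LEN field.
 * Returns 0 on success, -1 if src is unterminated or does not fit. */
static int copy_name(char *dst, const char *src, size_t src_size)
{
    size_t len = bounded_strlen(src, src_size);

    if (len == src_size || len >= DEMO_NAME_LEN)
    {
        return -1; /* strlen() would have run past the buffer or the field */
    }
    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Constructed sample inputs. */
static const char sample_ok[8]    = "cmd";
static const char sample_raw[8]   = {'A', 'A', 'A', 'A', 'A', 'A', 'A', 'A'}; /* no terminator */
static const char sample_long[16] = "toolongname";
static char       demo_dst[DEMO_NAME_LEN];

int main(void)
{
    printf("ok=%d raw=%d long=%d\n",
           copy_name(demo_dst, sample_ok, sizeof(sample_ok)),
           copy_name(demo_dst, sample_raw, sizeof(sample_raw)),
           copy_name(demo_dst, sample_long, sizeof(sample_long)));
    return 0;
}
```

The unterminated buffer is the case where plain strlen() reads past the end of the array; the bounded version reports the limit instead, and the caller treats that as an error.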